Академический Документы
Профессиональный Документы
Культура Документы
Release
15.1
Modified: 2015-06-26
ii
Table of Contents
About the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Documentation and Release Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Supported Platforms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Using the Examples in This Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Merging a Full Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi
Merging a Snippet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvi
Documentation Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii
Documentation Feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Requesting Technical Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Self-Help Online Tools and Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . xix
Opening a Case with JTAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx
Part 1
Overview
Chapter 1
Introduction to IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
IS-IS Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
IS-IS Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
ISO Network Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
IS-IS Packets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Persistent Route Reachability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
IS-IS Support for Multipoint Network Clouds . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Installing a Default Route to the Nearest Routing Device That Operates at
Both IS-IS Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Supported Standards for IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Part 2
Configuring IS-IS
Chapter 2
iii
Chapter 3
Chapter 4
Chapter 5
Chapter 6
iv
Table of Contents
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Part 3
Chapter 12
Chapter 13
Chapter 14
Chapter 15
Part 4
Chapter 16
vi
Table of Contents
vii
no-authentication-check . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
no-csnp-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
node . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
node-tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
node-link-protection (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
no-eligible-backup (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
no-eligible-remote-backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
no-hello-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
no-ipv4-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
no-ipv4-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
no-ipv6-multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
no-ipv6-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
no-ipv6-unicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
no-psnp-authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
no-unicast-topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
overload (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
passive (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
point-to-point . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
preference (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
prefix-export-limit (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
priority (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
reference-bandwidth (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400
remote-backup-calculation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401
rib-group (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
routing-instances (Multiple Routing Entities) . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
shortcuts (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
spf-options (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405
static-host-mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407
te-metric (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
topologies (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
traceoptions (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
traffic-engineering (Protocols IS-IS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
wide-metrics-only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
Chapter 17
viii
Table of Contents
Part 5
Index
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675
ix
List of Figures
Part 1
Overview
Chapter 1
Introduction to IS-IS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Figure 1: Install Default Route to Nearest Routing Device That Operates at Both
Level 1 and Level 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Part 2
Configuring IS-IS
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
xi
Chapter 9
Chapter 11
Part 3
Chapter 13
Chapter 14
xii
List of Tables
About the Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv
Table 1: Notice Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii
Table 2: Text and Syntax Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xviii
Part 2
Configuring IS-IS
Chapter 5
Chapter 6
Part 3
Chapter 13
Chapter 14
Chapter 15
Part 4
Chapter 16
Chapter 17
xiii
xiv
To obtain the most current version of all Juniper Networks technical documentation,
see the product documentation page on the Juniper Networks website at
http://www.juniper.net/techpubs/.
If the information in the latest release notes differs from the information in the
documentation, follow the product Release Notes.
Juniper Networks Books publishes books by Juniper Networks engineers and subject
matter experts. These books go beyond the technical documentation to explore the
nuances of network architecture, deployment, and administration. The current list can
be viewed at http://www.juniper.net/books.
Supported Platforms
For the features described in this document, the following platforms are supported:
ACX Series
T Series
MX Series
SRX Series
M Series
xv
configuration into the current candidate configuration. The example does not become
active until you commit the candidate configuration.
If the example configuration contains the top level of the hierarchy (or multiple
hierarchies), the example is a full example. In this case, use the load merge command.
If the example configuration does not start at the top level of the hierarchy, the example
is a snippet. In this case, use the load merge relative command. These procedures are
described in the following sections.
From the HTML or PDF version of the manual, copy a configuration example into a
text file, save the file with a name, and copy the file to a directory on your routing
platform.
For example, copy the following configuration to a file and name the file ex-script.conf.
Copy the ex-script.conf file to the /var/tmp directory on your routing platform.
system {
scripts {
commit {
file ex-script.xsl;
}
}
}
interfaces {
fxp0 {
disable;
unit 0 {
family inet {
address 10.0.0.1/24;
}
}
}
}
2. Merge the contents of the file into your routing platform configuration by issuing the
Merging a Snippet
To merge a snippet, follow these steps:
1.
From the HTML or PDF version of the manual, copy a configuration snippet into a text
file, save the file with a name, and copy the file to a directory on your routing platform.
For example, copy the following snippet to a file and name the file
ex-script-snippet.conf. Copy the ex-script-snippet.conf file to the /var/tmp directory
on your routing platform.
xvi
commit {
file ex-script-snippet.xsl; }
2. Move to the hierarchy level that is relevant for this snippet by issuing the following
For more information about the load command, see the CLI User Guide.
Documentation Conventions
Table 1 on page xvii defines notice icons used in this guide.
Meaning
Description
Informational note
Caution
Warning
Laser warning
Tip
Best practice
Table 2 on page xviii defines the text and syntax conventions used in this guide.
xvii
Description
Examples
| (pipe symbol)
broadcast | multicast
# (pound sign)
[ ] (square brackets)
; (semicolon)
[edit]
root@# set system domain-name
domain-name
[edit]
routing-options {
static {
route default {
nexthop address;
retain;
}
}
}
GUI Conventions
xviii
Description
Examples
Documentation Feedback
We encourage you to provide feedback, comments, and suggestions so that we can
improve the documentation. You can provide feedback by using either of the following
methods:
Online feedback rating systemOn any page at the Juniper Networks Technical
Documentation site at http://www.juniper.net/techpubs/index.html, simply click the
stars to rate the content, and use the pop-up form to provide us with information about
your experience. Alternately, you can use the online feedback form at
https://www.juniper.net/cgi-bin/docbugreport/.
JTAC hours of operationThe JTAC centers have resources available 24 hours a day,
7 days a week, 365 days a year.
xix
Find solutions and answer questions using our Knowledge Base: http://kb.juniper.net/
To verify service entitlement by product serial number, use our Serial Number Entitlement
(SNE) Tool: https://tools.juniper.net/SerialNumberEntitlementSearch/
xx
PART 1
Overview
CHAPTER 1
Introduction to IS-IS
IS-IS Overview
The IS-IS protocol is an interior gateway protocol (IGP) that uses link-state information
to make routing decisions.
IS-IS is a link-state IGP that uses the shortest-path-first (SPF) algorithm to determine
routes. IS-IS evaluates the topology changes and determines whether to perform a full
SPF recalculation or a partial route calculation (PRC). This protocol originally was
developed for routing International Organization for Standardization (ISO) Connectionless
Network Protocol (CLNP) packets.
Like OSPF routing, IS-IS uses hello packets that allow network convergence to occur
quickly when network changes are detected. IS-IS uses the SPF algorithm to determine
routes. Using SPF, IS-IS evaluates network topology changes and determines if a full or
partial route calculation is required.
Installing a Default Route to the Nearest Routing Device That Operates at Both IS-IS
Levels on page 7
IS-IS Terminology
An IS-IS network is a single autonomous system (AS), also called a routing domain, that
consists of end systems and intermediate systems. End systems are network entities that
send and receive packets. Intermediate systems send and receive packets and relay
(forward) packets. (Intermediate system is the Open System Interconnection [OSI] term
for a router.) ISO packets are called network PDUs.
In IS-IS, a single AS can be divided into smaller groups called areas. Routing between
areas is organized hierarchically, allowing a domain to be administratively divided into
smaller areas. This organization is accomplished by configuring Level 1 and Level 2
intermediate systems. Level 1 systems route within an area; when the destination is
outside an area, they route toward a Level 2 system. Level 2 intermediate systems route
between areas and toward other ASs. No IS-IS area functions strictly as a backbone.
Level 1 routers share intra-area routing information, and Level 2 routers share interarea
information about IP addresses available within each area. Uniquely, IS-IS routers can
act as both Level 1 and Level 2 routers, sharing intra-area routes with other Level 1 routers
and interarea routes with other Level 2 routers.
The propagation of link-state updates is determined by the level boundaries. All routers
within a level maintain a complete link-state database of all other routers in the same
level. Each router then uses the Dijkstra algorithm to determine the shortest path from
the local router to other routers in the link-state database.
NETs take several forms, depending on your network requirements. NET addresses are
hexadecimal and range from 8 octets to 20 octets in length. Generally, the format consists
of an authority and format Identifier (AFI), a domain ID, an area ID, a system identifier,
and a selector. The simplest format omits the domain ID and is 10 octets long. For
example, the NET address 49.0001.1921.6800.1001.00 consists of the following parts:
49AFI
0001Area ID
1921.6800.1001System identifier
00Selector
The system identifier must be unique within the network. For an IP-only network, we
recommend using the IP address of an interface on the router. Configuring a loopback
NET address with the IP address is helpful when troubleshooting is required on the
network.
The first portion of the address is the area number, which is a variable number from 1
through 13 bytes. The first byte of the area number (49) is the authority and format
indicator (AFI). The next bytes are the assigned domain (area) identifier, which can be
from 0 through 12 bytes. In the examples above, the area identifier is 0001.
The next six bytes form the system identifier. The system identifier can be any six bytes
that are unique throughout the entire domain. The system identifier commonly is the
media access control (MAC) address (as in the first example, 00a0.c96b.c490) or the
IP address expressed in binary-coded decimal (BCD) (as in the second example,
2081.9716.9018, which corresponds to IP address 208.197.169.18). The last byte (00) is
the n-selector.
To provide help with IS-IS debugging, the Junos operating system (Junos OS) supports
dynamic mapping of ISO system identifiers to the hostname. Each system can be
configured with a hostname, which allows the system identifier-to-hostname mapping
to be carried in a dynamic hostname type, length, and value (TLV) tuple in IS-IS link-state
PDUs. This enables intermediate systems in the routing domain to learn about the ISO
system identifier of a particular intermediate system.
IS-IS Packets
Each IS-IS PDU shares a common header. IS-IS uses the following PDUs to exchange
protocol information:
IS-IS hello (IIH) PDUsBroadcast to discover the identity of neighboring IS-IS systems
and to determine whether the neighbors are Level 1 or Level 2 intermediate systems.
IS-IS hello PDUs establish adjacencies with other routers and have three different
formats: one for point-to-point hello packets, one for Level 1 broadcast links, and one
for Level 2 broadcast links. Level 1 routers must share the same area address to form
an adjacency, while Level 2 routers do not have this limitation. The request for adjacency
is encoded in the Circuit type field of the PDU.
Hello PDUs have a preset length assigned to them. The IS-IS router does not resize
any PDU to match the maximum transmission unit (MTU) on a router interface. Each
interface supports the maximum IS-IS PDU of 1492 bytes, and hello PDUs are padded
to meet the maximum value. When the hello is sent to a neighboring router, the
connecting interface supports the maximum PDU size.
requesting that the missing link-state PDU be transmitted. That routing device, in turn,
forwards the missing link-state PDU to the requesting routing device.
A PSNP is used by an IS-IS router to request link-state PDU information from a
neighboring router. A PSNP can also explicitly acknowledge the receipt of a link-state
PDU on a point-to-point link. On a broadcast link, a CSNP is used as implicit knowledge.
Like hello PDUs and CSNPs, the PSNP also has two types: Level 1 and Level 2.
When a device compares a CSNP to its local database and determines that a link-state
PDU is missing, the router issues a PSNP for the missing link-state PDU, which is returned
in a link-state PDU from the router sending the CSNP. The received link-state PDU is
then stored in the local database, and an acknowledgment is sent back to the originating
router.
Installing a Default Route to the Nearest Routing Device That Operates at Both IS-IS Levels
When a routing device that operates as both a Level 1 and Level 2 router (Router B)
determines that it can reach at least one area other than its own (for example, in Area
Y), it sets the ATTACHED bit in its Level 1 link-state PDU. Thereafter, the Level 1 router
(Router A) introduces a default route pointing to the nearest attached routing device
that operates as both a Level 1 and Level 2 router (Router B). See Figure 1 on page 7.
Related
Documentation
ISO 9542, End System to Intermediate System Routing Exchange Protocol for Use in
Conjunction with the Protocol for the Provision of the Connectionless-mode Network
Service
RFC 1195, Use of OSI IS-IS for Routing in TCP/IP and Dual Environments
RFC 3847, Restart Signaling for Intermediate System to Intermediate System (IS-IS)
RFC 5120, M-ISIS: Multi Topology (MT) Routing in Intermediate System to Intermediate
Systems (IS-ISs)
The following RFCs do not define standards, but provide information about IS-IS and
related technologies. The IETF classifies them as Informational.
Related
Documentation
RFC 3359, Reserved Type, Length and Value (TLV) Codepoints in Intermediate System
to Intermediate System
RFC 3373, Three-Way Handshake for Intermediate System to Intermediate System (IS-IS)
Point-to-Point Adjacencies
RFC 5309, Point-to-Point Operation over LAN in Link State Routing Protocols
10
PART 2
Configuring IS-IS
11
12
CHAPTER 2
Take the router ID, remove the dots (.), and insert leading zeroes where necessary so
that the string is 12 characters long.
For example, if the router ID is 192.168.0.4, the 12-character string would be
192168000004. If the router ID is 10.12.23.1, the 12-character string would be
010012023001.
If the routing devices are in area 47, the strings would become 47.1921.6800.0004
and 47.0100.1202.3001.
4. Append the selector (00).
13
You must configure the ISO family on all interfaces that are supporting the IS-IS protocol
by setting family iso on the interface. This means that IS-IS related frames are not
discarded by the routing devices.
You must enable IS-IS to run on the interfaces by setting interface interface-name in the
protocol configuration. This means that the interfaces are advertised into IS-IS.
Unlike OSPF, when you enable IS-IS on the lo0 interface, you do not need to explicitly
set passive mode. Passive mode means that the interface is advertised into the link-state
protocol, but the interface does not send or receive protocol control packets, such as
IS-IS hello and link-state PDUs. In IS-IS, the lo0 interface is always passive.
When you enable IS-IS on an interface, both levels (Level 1 and Level 2) are enabled by
default. To specify that an interface is on a Level 1 link, disable Level 2. To specify that
an interface is on a Level 2 link, disable Level 1. You can disable a level on the entire device
or per-interface. If two routing devices, R1 and R2, are both in the same IS-IS area, they
communicate at Level 1 if one or both devices have Level 2 disabled.
For security devices only, you must enable IS-IS by setting mode packet-based at the
[edit security forwarding-options family iso] hierarchy level.
Related
Documentation
Requirements on page 14
Overview on page 14
Configuration on page 15
Verification on page 17
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
In this example, you configure the two IS-IS routing devices in a single area. The devices
have NET addresses 49.0002.0192.0168.0001.00 and 49.0002.0192.0168.0002.00 on
the lo0 interfaces. Additionally, you configure the ISO family on the IS-IS interfaces.
For Junos OS security devices only, you configure the mode packet-based statement at
the [edit security forwarding-options family iso] hierarchy level.
14
.2
R1
R2
lo0:192.168.0.1
lo0:192.168.0.2
g041282
.1
CLI Quick Configuration on page 15 shows the configuration for both of the devices in
Figure 2 on page 15. The section Step-by-Step Procedure on page 15 describes the
steps on Device R1.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Device R2
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS:
1.
2.
Create the interface that connects to Device R2, and configure the ISO family on
the interface.
[edit interfaces ge-1/2/0 unit 0]
user@R1# set description to-R2
15
Create the loopback interface, set the IP address, and set the NET address.
[edit interfaces lo0 unit 0]
user@R1# set family inet address 192.168.0.1/32
user@R1# set family iso address 49.0002.0192.0168.0001.00
4.
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, and show security commands. If the output does not display the intended
configuration, repeat the instructions in this example to correct the configuration.
user@R1# show security
forwarding-options {
family iso {
mode packet-based;
}
}
user@R1# show interfaces
ge-1/2/0 {
unit 0 {
description to-R2;
family inet {
address 10.0.0.1/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
}
}
}
user@R1# show protocols
isis {
interface ge-1/2/0.0;
interface lo0.0;
}
If you are done configuring the device, enter commit from configuration mode.
16
Verification
Confirm that the configuration is working properly.
Meaning
Level 2 DR
Passive
R2.02
L1/L2 Metric
0/0
10/10
Verify that the output shows the intended configuration of the interfaces on which IS-IS
is enabled.
Meaning
Router
Router
us)
us)
Check the following output fields and verify that the output shows the intended
configuration of IS-IS-enabled interfaces:
17
1Level 1 only
2Level 2 only
L or LevelType of adjacency:
1Level 1 only
2Level 2 only
Meaning
1
2
L State
Up
Up
18
R2
Interface: ge-1/2/0.0, Level: 2, State: Up, Expires in 8 secs
Priority: 64, Up/Down transitions: 1, Last transition: 00:40:28 ago
Circuit type: 3, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bd
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.0.0.2
Transition log:
When
State
Event
Down reason
Thu May 31 11:18:48
Up
Seenself
Meaning
Check the following fields and verify the adjacency information about IS-IS neighbors:
1Level 1 only
2Level 2 only
An exclamation point before the level number indicates that the adjacency is missing
an IP address.
Related
Documentation
19
Requirements on page 20
Overview on page 20
Configuration on page 21
Verification on page 25
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
Like OSPF, the IS-IS protocol supports the partitioning of a routing domain into multiple
areas with levels that control interarea flooding. The use of multiple levels improves
protocol scalability, as Level 2 (backbone) link-state PDUs are normally not flooded into
a Level 1 area.
An IS-IS Level 2 area is analogous to the OSPF backbone area (0), while a Level 1 area
operates much like an OSPF totally stubby area, in that a default route is normally used
to reach both inter-level and AS external routes.
Unlike OSPF, IS-IS area boundaries occur between routers, such that a given routing
device is always wholly contained within a particular area. Level 1 adjacencies can be
formed between routers that share a common area number, while a Level 2 adjacency
can be formed between routers that might or might not share an area number.
Figure 3 on page 21 shows the topology used in this example.
20
fe-1/2/0.42 .42
10.0.0.40/30
49.002
Level 1
fe-1/2/2.41 .41
R3
.21
R6
.30
.22
.26
.33
R5
.18
.29
.38
.25
.34
.37
R4
R7
49.001
g041256
.17
Level 2
CLI Quick Configuration on page 21 shows the configuration for all of the devices in
Figure 3 on page 21. The section Step-by-Step Procedure on page 23 describes the
steps on Device R5.
This example has the following characteristics:
Loss of any individual interface does not totally disrupt the IS-IS operation.
The IPv4 lo0 addresses of all routers are reachable through IS-IS.
The link between Device R3 and Device S1 appears in area 49.001 as an intra-area
route. No IS-IS adjacencies can be established on this interface. This is accomplished
by configuring the passive statement on Device R3s interface to Device S1.
Configuration
CLI Quick
Configuration
Device R3
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set interfaces fe-1/2/0 unit 0 description to-R4
set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.17/30
set interfaces fe-1/2/0 unit 0 family iso
set interfaces fe-1/2/1 unit 0 description to-R5
set interfaces fe-1/2/1 unit 0 family inet address 10.0.0.21/30
set interfaces fe-1/2/1 unit 0 family iso
set interfaces fe-1/2/2 unit 0 family inet address 10.0.0.41/30
21
22
Device R4
Device R5
Device R6
Device R7
Device S1
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure multi-level IS-IS:
1.
2.
3.
23
hierarchy level). To disable IS-IS at any particular level on an interface, include the
disable statement.
Device R5s loopback interface is configured to run Level 2 only. If Level 1 operation
were enabled on lo0.0, Device R5 would include its loopback address in its Level 1
link-state PDU, which is incorrect for this example in which the loopback addresses
of Level 2 devices must not appear in a Level 1 area.
Unlike OSPF, you must explicitly list the routers lo0 interface at the [edit protocols
isis] hierarchy level, because this interface is the source of the routers NET, and
therefore must be configured as an IS-IS interface. In IS-IS, the lo0 interface operates
in the passive mode by default, which is ideal because adjacency formation can
never occur on a virtual interface.
[edit protocols isis]
user@R5# set interface fe-1/2/0.0 level 1 disable
user@R5# set interface fe-1/2/1.0 level 1 disable
user@R5# set interface fe-1/2/0.0 level 2 disable
user@R5# set interface fe-1/2/3.0 level 2 disable
user@R5# set interface lo0.0 level 1 disable
Results
From configuration mode, confirm your configuration by entering the show interfaces and
show protocols commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R5# show interfaces
fe-1/2/0 {
unit 0{
description to-R3;
family inet {
address 10.0.0.22/30;
}
family iso;
}
}
fe-1/2/1 {
unit 0 {
description to-R4;
family inet {
address 10.0.0.26/30;
}
family iso;
}
}
fe-1/2/2 {
unit 0 {
description to-R6;
family inet {
address 10.0.0.29/30;
}
family iso;
}
}
fe-1/2/3 {
unit 0 {
24
description to-R7;
family inet {
address 10.0.0.38/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.5/32;
}
family iso {
address 49.002.0192.0168.0005.00;
}
}
}
user@R5# show protocols
isis {
interface fe-1/2/0.0 {
level 1 disable;
}
interface fe-1/2/1.0 {
level 1 disable;
}
interface fe-1/2/0.0 {
level 2 disable;
}
interface fe-1/2/3.0 {
level 2 disable;
}
interface lo0.0 {
level 1 disable;
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
25
Meaning
Level 2 DR
Passive
R5.03
R5.02
Disabled
Disabled
L1/L2 Metric
0/0
10/10
10/10
10/10
10/10
The output shows that Device R5s interfaces have been correctly configured with the
ISO family, and that the interfaces have been placed into the correct levels.
You can also see that Device R5 has elected itself as the designated intermediate system
(DIS) on its broadcast-capable IS-IS interfaces.
Action
Verify that the expected adjacencies have formed between Device R5 and its IS-IS
neighbors.
From operational mode, enter the show isis adjacency detail command.
user@R5> show isis adjacency detail
R3
Interface: fe-1/2/0.0, Level: 2, State: Up, Expires in 25 secs
Priority: 64, Up/Down transitions: 1, Last transition: 03:19:31 ago
Circuit type: 2, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bc
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R5.03, IP addresses: 10.0.0.21
R4
Interface: fe-1/2/1.0, Level: 2, State: Up, Expires in 24 secs
Priority: 64, Up/Down transitions: 1, Last transition: 03:19:36 ago
Circuit type: 2, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bc
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R5.02, IP addresses: 10.0.0.25
R6
Interface: fe-1/2/0.0, Level: 1, State: Up, Expires in 6 secs
Priority: 64, Up/Down transitions: 1, Last transition: 03:20:24 ago
Circuit type: 1, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bd
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R6.02, IP addresses: 10.0.0.30
R7
Interface: fe-1/2/3.0, Level: 1, State: Up, Expires in 21 secs
Priority: 64, Up/Down transitions: 1, Last transition: 03:19:29 ago
Circuit type: 1, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bc
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R5.04, IP addresses: 10.0.0.37
Meaning
26
These results confirm that Device R5 has two Level 2 adjacencies and two Level 1
adjacencies.
Action
Because Device R5 is a Level 1/Level 2 (L1/L2) attached router, examine the Level 1
link-state database associated with area 49.002 to confirm that loopback addresses
from backbone routers are not being advertised into the Level 1 area.
From operational mode, enter the show isis database detail command.
user@R5> show isis database detail
IS-IS level 1 link-state database:
R5.00-00 Sequence: 0x19, Checksum: 0x7488, Lifetime: 727 secs
IS neighbor: R5.04
Metric:
10
IS neighbor: R6.02
Metric:
10
IP prefix: 10.0.0.28/30
Metric:
10 Internal Up
IP prefix: 10.0.0.36/30
Metric:
10 Internal Up
R5.04-00 Sequence: 0x14, Checksum: 0x2668, Lifetime: 821 secs
IS neighbor: R5.00
Metric:
0
IS neighbor: R7.00
Metric:
0
R6.00-00 Sequence: 0x17, Checksum: 0xa65, Lifetime: 774 secs
IS neighbor: R6.02
Metric:
10
IS neighbor: R7.02
Metric:
10
IP prefix: 10.0.0.28/30
Metric:
10 Internal Up
IP prefix: 10.0.0.32/30
Metric:
10 Internal Up
IP prefix: 192.168.0.6/32
Metric:
0 Internal Up
R6.02-00 Sequence: 0x13, Checksum: 0xd1c0, Lifetime: 908 secs
IS neighbor: R5.00
Metric:
0
IS neighbor: R6.00
Metric:
0
R7.00-00 Sequence: 0x17, Checksum: 0xe39, Lifetime: 775 secs
IS neighbor: R5.04
Metric:
10
IS neighbor: R7.02
Metric:
10
IP prefix: 10.0.0.32/30
Metric:
10 Internal Up
IP prefix: 10.0.0.36/30
Metric:
10 Internal Up
IP prefix: 192.168.0.7/32
Metric:
0 Internal Up
R7.02-00 Sequence: 0x13, Checksum: 0x404d, Lifetime: 966 secs
IS neighbor: R6.00
Metric:
0
IS neighbor: R7.00
Metric:
0
IS-IS level 2 link-state database:
R3.00-00 Sequence: 0x17, Checksum: 0x5f84, Lifetime: 1085 secs
IS neighbor: R4.02
Metric:
10
IS neighbor: R5.03
Metric:
10
IP prefix: 10.0.0.16/30
Metric:
10
IP prefix: 10.0.0.20/30
Metric:
10
IP prefix: 10.0.0.40/30
Metric:
10
IP prefix: 192.168.0.3/32
Metric:
0
Internal
Internal
Internal
Internal
Up
Up
Up
Up
27
Internal
Internal
Internal
Internal
Internal
Internal
Internal
Internal
Up
Up
Up
Up
Up
Up
Up
Up
Meaning
This display indicates that Device R5s loopback interface is correctly configured to run
Level 2 only. Had Level 1 operation been enabled on lo0.0, Device R5 would have then
included its loopback address in its Level 1 link-state PDU.
You can also see that Device R5 has Level 2 link-state PDUs, received from its adjacent
neighbors.
Like an OSPF totally stubby area, no backbone (Level 2) or external prefixes are leaked
into a Level 1 area, by default. Level 1 prefixes are leaked up into the IS-IS backbone,
however, as can be seen in Device R5s Level 2 link-state PDU.
Related
Documentation
28
the router with the highest MAC address is elected as the designated router. By default,
routers have a priority value of 64.
Related
Documentation
Configure network interfaces. See the Junos OS Interfaces Configuration Guide for
Security Devices.
Enable IS-IS on the interfaces. See Example: Configuring IS-IS on page 14.
In this example, you configure the priority for logical interface ge-0/0/1.0 to be 100 and
the level number to be 1. If this interface has the highest priority value, the router becomes
the designated router for the Level 1 area.
To configure a designated router election priority for IS-IS:
[edit]
user@host# set protocols isis interface ge-0/0/1.0 level 1 priority 100
Related
Documentation
29
}
hostname is the name specified by the host-name statement at the [edit system] hierarchy
level.
system-identifier is the ISO system identifier. It is the 6-byte system ID portion of the IS-IS
network service access point (NSAP). We recommend that you use the hosts IP address
represented in BCD format. For example, the IP address 192.168.1.77 is 1921.6800.1077 in
BCD.
Related
Documentation
30
Example: Configuring the Unique Identity of a Router for Making it Accessible on the
Network
CHAPTER 3
Example: Enabling Packet Checksums on IS-IS Interfaces for Error Checking on page 39
You can also configure more fine-grained interface-level authentication for hello packets.
To enable authentication and specify an authentication method, include the
authentication-type statement, specifying the simple or md5 authentication type:
31
authentication-type authentication;
For a list of hierarchy levels at which you can include this statement, see the statement
summary section for this statement.
To configure a password, include the authentication-key statement. The authentication
password for all routing devices in a domain must be the same.
authentication-key key;
For a list of hierarchy levels at which you can include this statement, see the statement
summary section for this statement.
To configure hitless authentication key rollover, include the authentication-key-chain
(Protocols IS-IS) statement.
The password can contain up to 255 characters. If you include spaces, enclose all
characters in quotation marks ( ).
If you are using the Junos OS IS-IS software with another implementation of IS-IS, the
other implementation must be configured to use the same password for the domain, the
area, and all interfaces that are shared with a Junos OS implementation.
Authentication of hello packets, partial sequence number PDU (PSNP), and complete
sequence number PDU (CSNP) can be suppressed to enable interoperability with the
routing software of different vendors. Different vendors handle authentication in various
ways, and suppressing authentication for different PDU types might be the simplest way
to allow compatibility within the same network.
To configure IS-IS to generate authenticated packets, but not to check the authentication
on received packets, include the no-authentication-check statement:
no-authentication-check;
For a list of hierarchy levels at which you can include these statements, see the statement
summary sections for these statements.
32
Related
Documentation
For a list of hierarchy levels at which you can include this statement, see the statement
summary section for this statement.
Related
Documentation
33
Requirements on page 34
Overview on page 34
Configuration on page 35
Verification on page 38
Requirements
No special configuration beyond device initialization is required before configuring hitless
authentication key rollover for IS-IS.
Overview
Authentication guarantees that only trusted routers participate in routing updates. This
keychain authentication method is referred to as hitless because the keys roll over from
one to the next without resetting any peering sessions or interrupting the routing protocol.
Junos OS supports both RFC 5304, IS-IS Cryptographic Authentication and RFC 5310,
IS-IS Generic Cryptographic Authentication.
This example includes the following statements for configuring the keychain:
algorithmFor each key in the keychain, you can specify an encryption algorithm. The
keyA keychain can have multiple keys. Each key within a keychain must be identified
by a unique integer value. The range of valid identifier values is from 0 through 63.
key-chainFor each keychain, you must specify a name. This example defines two
optionsFor each key in the keychain, you can specify the encoding for the message
34
secretFor each key in the keychain, you must set a secret password. This password
can be entered in either encrypted or plain text format in the secret statement. It is
always displayed in encrypted format.
start-timeEach key must specify a start time in UTC format. Control gets passed
from one key to the next. When a configured start time arrives (based on the routing
devices clock), the key with that start time becomes active. Start times are specified
in the local time zone for a routing device and must be unique within the key chain.
You can apply a keychain globally to all interfaces or more granularly to specific interfaces.
This example includes the following statements for applying the keychain to all interfaces
or to particular interfaces:
ISIS Level 1
ISIS Level 2
B
FE/GE/XE
R1
A
FE/GE/XE
R0
A
R2
A
B
SONET
FE/GE/XE
R3
A
g040568
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set interfaces ge-0/0/0 unit 0 description "interface A"
set interfaces ge-0/0/0 unit 0 family inet address 10.0.0.1/30
set interfaces ge-0/0/0 unit 0 family iso
set interfaces ge-0/0/0 unit 0 family inet6 address fe80::200:f8ff:fe21:67cf/128
set interfaces ge-0/0/1 unit 0 description "interface B"
set interfaces ge-0/0/1 unit 0 family inet address 10.0.0.5/30
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family inet6 address 10FB::C:ABC:1F0C:44DA/128
set interfaces ge-0/0/2 unit 0 description "interface C"
set interfaces ge-0/0/2 unit 0 family inet address 10.0.0.9/30
set interfaces ge-0/0/2 unit 0 family iso
35
Step-by-Step
Procedure
2.
3.
Apply the base-key-global keychain to all Level 1 IS-IS interfaces on Router R0.
[edit protocols isis level 1]
user@R0# set authentication-key-chain base-key-global
36
4.
5.
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, and show security commands. If the output does not display the intended
configuration, repeat the instructions in this example to correct the configuration.
user@R0# show interfaces
ge-0/0/0 {
unit 0 {
description "interface A";
family inet {
address 10.0.0.1/30;
}
family iso;
family inet6 {
address fe80::200:f8ff:fe21:67cf/128;
}
}
}
ge-0/0/1 {
unit 0 {
description "interface B";
family inet {
address 10.0.0.5/30;
}
family iso;
family inet6 {
address 10FB::C:ABC:1F0C:44DA/128;
}
}
}
ge-0/0/2 {
unit 0 {
description "interface C";
family inet {
address 10.0.0.9/30;
}
family iso;
family inet6 {
address ff06::c3/128;
}
}
}
user@R0# show protocols
isis {
level 1 authentication-key-chain base-key-global;
37
interface ge-0/0/0.0 {
level 1 hello-authentication-key-chain base-key-inter;
}
}
user@R0# show security
authentication-key-chains {
key-chain base-key-global {
key 63 {
secret "$9$jfkqfTQnCpBDiCt"; ## SECRET-DATA
start-time "2011-8-6.06:54:00-0700";
algorithm hmac-sha-1;
options isis-enhanced;
}
}
key-chain base-key-inter {
key 0 {
secret "$9$8sgx7Vws4ZDkWLGD"; ## SECRET-DATA
start-time "2011-8-6.06:54:00-0700";
algorithm md5;
options basic;
}
}
}
Verification
To verify the configuration, run the following commands:
Related
Documentation
38
Example: Enabling Packet Checksums on IS-IS Interfaces for Error Checking on page 39
Requirements on page 39
Overview on page 39
Configuration on page 40
Verification on page 40
Requirements
Before you begin, configure IS-IS on both routers. See Example: Configuring IS-IS on
page 14 for information about the sample IS-IS configuration.
Overview
Junos OS supports IS-IS checksums as documented in RFC 3358, Optional Checksums
in Intermediate System to Intermediate System (ISIS).
IS-IS protocol data units (PDUs) include link-state PDUs, complete sequence number
PDUs (CSNPs), partial sequence number PDUs (PSNPs), and IS-IS hello (IIH) packets.
These PDUs can be corrupt due to faulty implementations of Layer 2 hardware or lack
of checksums on a specific network technology. Corruption of length or type, length, and
value (TLV) fields can lead to the generation of extensive numbers of empty link-state
PDUs in the receiving node. Because authentication is not a replacement for a checksum
mechanism, you might want to enable the optional checksum TLV on your IS-IS interfaces.
The checksum cannot be enabled with MD5 hello authentication on the same interface.
Figure 5 on page 39 shows the topology used in this example.
.2
R1
R2
lo0:192.168.0.1
lo0:192.168.0.2
g041282
.1
39
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS checksums:
1.
Enable checksums.
[edit protocols isis interface fe-1/2/0.1]
user@R1# set checksum
2.
Results
From configuration mode, confirm your configuration by entering the show protocols
commands. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
user@R1# show protocols
isis {
traceoptions {
file isis;
flag all;
}
interface fe-1/2/0.1 {
checksum;
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Verifying Checksums
Purpose
40
Action
From operational mode, enter the show log isis | match checksum command.
user@R1> show log isis | match checksum
May
May
May
May
May
May
May
May
May
May
May
May
May
May
May
May
May
Meaning
Related
Documentation
31
31
31
31
31
31
31
31
31
31
31
31
31
31
31
31
31
16:47:39.513267
16:47:39.513394
16:47:39.513517
16:47:46.563781
16:47:46.563970
16:47:46.564104
16:47:46.581087
16:47:46.581222
16:47:46.581353
16:47:55.799090
16:47:55.799223
16:47:55.799347
16:47:55.818255
16:47:55.818473
16:47:55.818606
16:48:03.455816
16:48:03.455973
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
sequence
0x49
0x4e
0x50
0x45
0x46
0x52
0x49
0x4e
0x50
0x45
0x46
0x52
0x49
0x4e
0x50
0x49
0x4e
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
checksum
0x8e64
0x34b3
0x9dcb
0x7e1a
0x226d
0x99cd
0x8e64
0x34b3
0x9dcb
0x7e1a
0x226d
0x99cd
0x8e64
0x34b3
0x9dcb
0x8e64
0x34b3
The output shows that checksum information is captured in the IS-IS trace log file.
41
42
CHAPTER 4
43
When the Routing Engine places the routes of a routing protocol into the routing table,
it is importing routes into the routing table.
When the Routing Engine uses active routes from the routing table to send a protocol
advertisement, it is exporting routes from the routing table.
NOTE: The process of moving routes between a routing protocol and the
routing table is described always from the point of view of the routing table.
That is, routes are imported into a routing table from a routing protocol and
they are exported from a routing table to a routing protocol. Remember
this distinction when working with routing policies.
As shown in Figure 6 on page 44, you use import routing policies to control which routes
are placed in the routing table, and export routing policies to control which routes are
advertised from the routing table to neighbors.
Neighbors
Import Policy 1
Export Policy 1
Routing
Table
Import Policy 2
Export Policy 2
Neighbors
Forwarding
Table
g001706
Neighbors
In general, the routing protocols place all their routes in the routing table and advertise
a limited set of routes from the routing table. The general rules for handling the routing
information between the routing protocols and the routing table are known as the routing
policy framework.
The routing policy framework is composed of default rules for each routing protocol that
determine which routes the protocol places in the routing table and advertises from the
routing table. The default rules for each routing protocol are known as default routing
policies.
You can create routing policies to preempt the default policies, which are always present.
A routing policy allows you to modify the routing policy framework to suit your needs.
You can create and implement your own routing policies to do the following:
44
Control which active routes a routing protocol advertises from the routing table. An
active route is a route that is chosen from all routes in the routing table to reach a
destination.
Manipulate the route characteristics as a routing protocol places the route in the routing
table or advertises the route from the routing table.
You can manipulate the route characteristics to control which route is selected as the
active route to reach a destination. The active route is placed in the forwarding table and
is used to forward traffic toward the routes destination. In general, the active route is
also advertised to a routers neighbors.
NOTE: By default, BGP advertises active routes. However, you can configure
BGP to advertise inactive routes, which go to the same destination as other
routes but have less preferable metrics.
45
Dynamic Database
In Junos OS Release 9.5 and later, you can configure routing policies and certain routing
policy objects in a dynamic database that is not subject to the same verification required
by the standard configuration database. As a result, you can quickly commit these routing
policies and policy objects, which can be referenced and applied in the standard
configuration as needed. BGP is the only protocol to which you can apply routing policies
that reference policies configured in the dynamic database. After a routing policy based
on the dynamic database is configured and committed in the standard configuration,
you can quickly make changes to existing routing policies by modifying policy objects in
the dynamic database. Because Junos OS does not validate configuration changes to
the dynamic database, when you use this feature, you should test and verify all
configuration changes before committing them.
Related
Documentation
Ordering Rules configured to select the best among the eligible backup paths.
The backup selection policies can be configured with both pruning and ordering rules.
While evaluating the backup policies, each backup path is assigned a score, an integer
value that signifies the total weight of the evaluated criteria. The backup path with the
highest score is selected.
To enforce LFA selection, configure various rules for the following attributes:
46
srlg A shared risk link group (SRLG) is a set of links sharing a common resource, which
affects all links in the set if the common resource fails. These links share the same risk
of failure and are therefore considered to belong to the same SRLG. For example, links
sharing a common fiber are said to be in the same SRLG because a fault with the fiber
might cause all links in the group to fail. An SRLG is represented by a 32-bit number
unique within an IGP (IS-IS) domain. A link might belong to multiple SRLGs. You can
define the backup selection to either allow or reject the common SRLGs between the
primary and the backup path.
metric Metric decides how the LFAs should be preferred. In backup selection path,
root metric and dest-metric are the two types of metrics. root-metric indicates the
metric to the one-hop neighbor or a remote router such as an RSVP backup LSP tail-end
router. The dest-metric indicates the metric from a one-hop neighbor or remote router
such as an RSVP backup LSP tail-end router to the final destination. The metric
evaluation is done either in ascending or descending order. By default, the first
preference is given to backup paths with lowest destination evaluation and then to
backup paths with lowest root metrics.
The evaluation-order allows you to control the order and criteria of evaluating these
attributes in the backup path. You can explicitly configure the evaluation order. Only the
configured attributes influence the backup path selection. The default order of evaluation
47
of these attributes for the LFA is [ admin-group srlg bandwidth protection-type neighbor
neighbor-tag metric ] .
Related
Documentation
Requirements on page 48
Overview on page 48
Configuration on page 49
Verification on page 69
Requirements
This example uses the following hardware and software components:
2. Configure IS-IS.
Overview
Starting with Junos OS Release 14.1, the default loop free alternative (LFA) selection
algorithm or criteria can be overridden with an LFA policy. These policies are configured
for each destination (IPv4 and IPv6) and a primary next-hop interface . These backup
policies enforce LFA selection based on admin-group, srlg, bandwidth, protection-type,
metric, neighbor, and neighbor-tag attributes of the backup path. During backup
shortest-path-first (SPF) computation, each attribute (both node and link) of the backup
path, stored per backup next-hop, is accumulated by IGP. For the routes created internally
by IGP, the attribute set of every backup path is evaluated against the policy configured
for each destination (IPv4 and IPv6) and a primary next-hop interface. The first or the
best backup path is selected and installed as the backup next hop in the routing table.
To configure the backup selection policy, include the backup-selection configuration
statement at the [edit routing-options] hierarchy level. The show backup-selection
command displays the configured policies for a given interface and destination. The
display can be filtered against a particular destination, prefix, interface, or logical systems.
48
Topology
In this topology, backup selection policy is configured on Device R3.
Configuration
CLI Quick
Configuration
R0
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set interfaces ge-4/0/1 unit 0 family inet address 100.0.1.1/24
set interfaces ge-4/0/1 unit 0 family iso
set interfaces ge-4/0/1 unit 0 family inet6 address 2001:100:0:1::1/64
set interfaces ge-4/0/1 unit 0 family mpls
set interfaces ge-0/2/1 unit 0 family inet address 100.0.4.1/24
set interfaces ge-0/2/1 unit 0 family iso
set interfaces ge-0/2/1 unit 0 family inet6 address 2001:100:0:4::1/64
set interfaces ge-0/2/1 unit 0 family mpls
set interfaces ge-1/3/1 unit 0 family inet address 100.0.5.1/24
set interfaces ge-1/3/1 unit 0 family iso
set interfaces ge-1/3/1 unit 0 family inet6 address 2001:100:0:5::1/64
set interfaces ge-1/3/1 unit 0 family mpls
set interfaces ge-1/3/0 unit 0 family inet address 100.0.6.1/24
set interfaces ge-1/3/0 unit 0 family iso
set interfaces ge-1/3/0 unit 0 family inet6 address 2001:100:0:6::1/64
set interfaces ge-1/3/0 unit 0 family mpls
49
50
R1
51
R2
52
R3
53
54
55
R4
56
R5
57
R6
58
59
R7
60
Configuring Device R3
Step-by-Step
Procedure
The following example requires that you navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure Device R3:
1.
61
3.
4.
62
6.
7.
8.
63
10.
11.
Apply the routing policy to all equal cost multi paths exported from the routing table
to the forwarding table.
[edit routing-options]
user@R3# set forwarding-table export ecmp
12.
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, and show routing-options commands. If the output does not display the
intended configuration, repeat the instructions in this example to correct the configuration.
64
65
address 2001:100:3:7::1/64;
}
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 10.255.102.128/32;
}
family iso {
address 49.0001.0010.0100.1004.00;
}
family inet6{
address abcd::10:255:102:128/128;
}
family mpls;
}
}
user@R3# show protocols
rsvp {
interface all;
}
mpls {
admin-groups {
c0 0;
c1 1;
c2 2;
c3 3;
c4 4;
c5 5;
c6 6;
c7 7;
c8 8;
c9 9;
c10 10;
c11 11;
c12 12;
c13 13;
c14 14;
c15 15;
c16 16;
c17 17;
c18 18;
c19 19;
c20 20;
c21 21;
c22 22;
c23 23;
c24 24;
c25 25;
c26 26;
c27 27;
c28 28;
c29 29;
66
c30 30;
c31 31;
}
interface all;
interface ge-0/3/1 {
srlg [ srlg1 srlg2 ];
admin-group [ c1 c2 c3 c5 ];
}
interface ge-0/3/6 {
admin-group [ c1 c2 ];
}
interface ge-2/0/4 {
admin-group [ c1 c2 c5 ];
}
interface ge-1/1/0 {
admin-group [ c2 c12 ];
}
isis {
interface ge-1/3/5 {
link-protection;
}
interface ge-0/3/1 {
level 2 metric 21;
}
interface ge-0/3/6 {
level 2 metric 13;
}
interface ge-2/0/4 {
level 2 metric 15;
}
interface ge-1/1/0 {
level 2 metric 22;
}
interface all {
level 2 metric 10;
}
}
user@R3# show routing-options
srlg {
srlg1 {
srlg-value 101;
}
srlg2 {
srlg-value 102;
}
srlg3 {
srlg-value 103;
}
srlg4 {
srlg-value 104;
}
srlg5 {
srlg-value 105;
}
srlg6 {
67
srlg-value 106;
}
srlg7 {
srlg-value 107;
}
srlg8 {
srlg-value 108;
}
srlg9 {
srlg-value 109;
}
srlg10 {
srlg-value 110;
}
srlg111 {
srlg-value 111;
}
srlg112 {
srlg-value 112;
}
}
backup-selection {
destination 0.0.0.0/0 {
interface all {
admin-group {
include-all c1;
include-any c2;
preference c3;
}
srlg loose;
downstream-paths-only;
bandwidth-greater-equal-primary;
neighbor {
preference 10.255.102.178;
}
neighbor-tag {
preference 1004;
}
metric-order dest;
evaluation-order [ admin-group srlg bandwidth ];
}
}
destination 100.0.1.0/24 {
interface all {
srlg strict;
bandwidth-greater-equal-primary;
}
}
destination 100.0.7.0/24 {
interface all {
srlg strict;
}
}
}
If you are done configuring the device, enter commit from configuration mode.
68
Verification
Verify that the configuration is working properly.
69
Action
From operational mode, run the show route command for the routing table.
user@R3> show route
inet.0: 32 destinations, 32 routes (32 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.255.102.128/32
10.255.102.146/32
10.255.102.154/32
10.255.102.156/32
10.255.102.166/32
10.255.102.172/32
10.255.102.178/32
10.255.102.180/32
100.0.1.0/24
100.0.4.0/24
100.0.5.0/24
100.0.6.0/24
100.0.7.0/24
100.1.2.0/24
100.1.4.0/24
100.1.7.0/24
100.2.3.0/24
100.2.3.2/32
100.2.4.0/24
100.2.5.0/24
100.2.6.0/24
100.2.7.0/24
100.3.4.0/24
100.3.4.1/32
70
100.3.5.0/24
100.3.5.1/32
100.3.6.0/24
100.3.6.1/32
100.3.7.0/24
100.3.7.1/32
100.4.5.0/24
100.6.7.0/24
*[MPLS/0] 1w0d
Receive
*[MPLS/0] 1w0d
Receive
*[MPLS/0] 1w0d
Receive
*[MPLS/0] 1w0d
Receive
04:14:47, metric 1
04:14:47, metric 1
04:14:47, metric 1
04:14:47, metric 1
2001:100:0:4::/64
2001:100:0:5::/64
2001:100:0:6::/64
2001:100:0:7::/64
2001:100:1:2::/64
2001:100:1:4::/64
2001:100:1:7::/64
2001:100:2:3::/64
71
72
fe80::/64
Meaning
73
Action
From operational mode, run the show isis route command for Device R3.
user@R3> show isis route
IS-IS routing table
IPv4/IPv6 Routes
---------------Prefix
L Version
10.255.102.146/32 2
5023
74
10.255.102.154/32
10.255.102.156/32
2
2
5023
5023
25 int
30 int
ge-2/0/4.0
ge-1/3/5.0
ge-2/0/4.0
IPV4 R6
IPV4 R2
IPV4 R6 0000000000000000
10.255.102.166/32
10.255.102.172/32
10.255.102.178/32
10.255.102.180/32
100.0.1.0/24
2
2
2
2
2
5023
5023
5023
5023
5023
23
31
20
32
30
int
int
int
int
int
ge-0/3/6.0
ge-0/3/1.0
ge-1/3/5.0
ge-1/1/0.0
ge-1/3/5.0
ge-0/3/1.0
IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
R5
R4
R2
R7
R2
R4 0000000002003100
100.0.4.0/24
100.0.5.0/24
100.0.6.0/24
100.0.7.0/24
100.1.2.0/24
100.1.4.0/24
2
2
2
2
2
2
5023
5023
5023
5023
5023
5023
39
64
67
45
20
30
int
int
int
int
int
int
ge-0/3/1.0
ge-0/3/6.0
ge-2/0/4.0
ge-1/1/0.0
ge-1/3/5.0
ge-1/3/5.0
ge-2/0/4.0
IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
R4
R5
R6
R7
R2
R2
R6 0000000000000000
100.1.7.0/24
5023
30 int
ge-1/3/5.0
ge-2/0/4.0
IPV4 R2
IPV4 R6 0000000000000000
100.2.4.0/24
100.2.5.0/24
100.2.6.0/24
100.2.7.0/24
100.4.5.0/24
100.6.7.0/24
2001:100:0:1::/64
2
2
2
2
2
2
2
5023
5023
5023
5023
5023
5023
5023
22
20
22
23
23
25
30
int
int
int
int
int
int
int
2001:100:0:4::/64
2001:100:0:5::/64
2001:100:0:6::/64
2001:100:0:7::/64
2001:100:1:2::/64
2
2
2
2
2
5023
5023
5023
5023
5023
39
64
67
45
20
int
int
int
int
int
2001:100:1:4::/64
5023
30 int
2001:100:1:7::/64
5023
30 int
2001:100:2:4::/64
5023
22 int
2001:100:2:5::/64
5023
20 int
2001:100:2:6::/64
5023
22 int
2001:100:2:7::/64
5023
23 int
2001:100:4:5::/64
5023
23 int
ge-1/3/5.0
ge-1/3/5.0
ge-1/3/5.0
ge-1/3/5.0
ge-0/3/6.0
ge-2/0/4.0
ge-1/3/5.0
ge-0/3/1.0
ge-0/3/1.0
ge-0/3/6.0
ge-2/0/4.0
ge-1/1/0.0
ge-1/3/5.0
ge-0/3/6.0
ge-1/3/5.0
ge-0/3/1.0
ge-1/3/5.0
ge-0/3/1.0
ge-1/3/5.0
ge-0/3/6.0
ge-1/3/5.0
ge-0/3/6.0
ge-1/3/5.0
ge-0/3/6.0
ge-1/3/5.0
ge-0/3/6.0
ge-0/3/6.0
IPV4
IPV4
IPV4
IPV4
IPV4
IPV4
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
IPV6
R2
R2
R2
R2
R5
R6
R2
R4
R4
R5
R6
R7
R2
R5
R2
R4
R2
R4
R2
R5
R2
R5
R2
R5
R2
R5
R5
2001:100:6:7::/64 2
5023
25 int ge-2/0/4.0
abcd::10:255:102:146/128 2 5023 40 int ge-1/3/5.0 IPV6
ge-0/3/1.0
abcd::10:255:102:154/128 2 5023 25 int ge-2/0/4.0 IPV6
abcd::10:255:102:156/128 2 5023 30 int ge-1/3/5.0 IPV6
ge-0/3/1.0
abcd::10:255:102:166/128 2 5023 23 int ge-0/3/6.0 IPV6
abcd::10:255:102:172/128 2 5023 31 int ge-0/3/1.0 IPV6
abcd::10:255:102:178/128 2 5023 20 int ge-1/3/5.0 IPV6
ge-0/3/6.0
abcd::10:255:102:180/128 2 5023 32 int ge-1/1/0.0 IPV6
Meaning
IPV6 R6
R2
IPV6 R4
R6
R2
IPV6 R4
R5
R4
R2
IPV6 R5
R7
Verify the potential IS-IS backup SPF roots for Device R3.
75
Action
From operational mode, run the show isis backup spf results command for Device R3.
user@R3> show isis backup spf results
IS-IS level 1 SPF results:
0 nodes
IS-IS level 2 SPF results:
R0.00
Primary next-hop: ge-1/3/5, IPV4, R2, SNPA: b0:c6:9a:2a:f4:bc
Primary next-hop: ge-1/3/5, IPV6, R2, SNPA: b0:c6:9a:2a:f4:bc
Root: R4, Root Metric: 21, Metric: 18, Root Preference: 0x0
track-item: R4.04-00, track-item-isnbr: R4.00
track-item: R0.00-00, track-item-isnbr: R6.03
Eligible, Backup next-hop: ge-0/3/1, IPV4, R4, SNPA: b0:c6:9a:2a:f4:bd
Eligible, Backup next-hop: ge-0/3/1, IPV6, R4, SNPA: b0:c6:9a:2a:f4:bd
Root: R2, Root Metric: 10, Metric: 20, Root Preference: 0x0
track-item: R2.02-00, track-item-isnbr: R2.00
track-item: R1.02-00
track-item: R1.00-00, track-item-isnbr: R2.02
track-item: R0.00-00, track-item-isnbr: R1.02
Not eligible, IPV4, Reason: Primary next-hop link fate sharing
Not eligible, IPV6, Reason: Primary next-hop link fate sharing
Root: R7, Root Metric: 22, Metric: 20, Root Preference: 0x0
track-item: R7.05-00, track-item-isnbr: R7.00
track-item: R1.02-00
track-item: R1.00-00
track-item: R0.00-00, track-item-isnbr: R1.02
Eligible, Backup next-hop: ge-1/1/0, IPV4, R7, SNPA: b0:c6:9a:2a:f4:bd
Eligible, Backup next-hop: ge-1/1/0, IPV6, R7, SNPA: b0:c6:9a:2a:f4:bd
Root: R5, Root Metric: 13, Metric: 28, Root Preference: 0x0
track-item: R5.03-00, track-item-isnbr: R5.00
track-item: R4.04-00, track-item-isnbr: R4.00
track-item: R4.00-00
track-item: R0.00-00, track-item-isnbr: R6.03
Eligible, Backup next-hop: ge-0/3/6, IPV4, R5, SNPA: b0:c6:9a:2a:f4:bd
Eligible, Backup next-hop: ge-0/3/6, IPV6, R5, SNPA: b0:c6:9a:2a:f4:bd
Root: R6, Root Metric: 15, Metric: 30, Root Preference: 0x0
track-item: R7.05-00, track-item-isnbr: R7.00
track-item: R7.04-00, track-item-isnbr: R6.00
track-item: R7.00-00
track-item: R1.02-00
track-item: R1.00-00
track-item: R0.00-00, track-item-isnbr: R1.02
Eligible, Backup next-hop: ge-2/0/4, IPV4, R6, SNPA: b0:c6:9a:2a:f4:bd
Eligible, Backup next-hop: ge-2/0/4, IPV6, R6, SNPA: b0:c6:9a:2a:f4:bd
R7.00
Primary next-hop: ge-1/1/0, IPV4, R7, SNPA: b0:c6:9a:2a:f4:bd
Primary next-hop: ge-1/1/0, IPV6, R7, SNPA: b0:c6:9a:2a:f4:bd
Root: R7, Root Metric: 22, Metric: 0, Root Preference: 0x0
Not eligible, IPV4, Reason: Interface protection not configured
Not eligible, IPV6, Reason: Interface protection not configured
Root: R6, Root Metric: 15, Metric: 10, Root Preference: 0x0
track-item: R7.04-00, track-item-isnbr: R6.00
track-item: R7.00-00
. . .
Meaning
76
The output displays the root calculations through each directly connected router.
From operational mode, run the show backup-selection command for Device R3.
user@R3> show backup-selection
Prefix: 0.0.0.0/0
Interface: all
Admin-group include-all: c1
Admin-group include-any: c2
Admin-group preference: c3
Neighbor preference: 10.255.102.178
Neighbor-tag preference: 1004
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Loose, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth
Prefix: 100.0.1.0/24
Interface: all
Protection Type: Link, Downstream Paths Only: Disabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Neighbor,
Metric, Neighbor-Tag
Prefix: 100.0.7.0/24
Interface: all
Protection Type: Link, Downstream Paths Only: Disabled, SRLG: Strict, B/w >=
Primary: Disabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Neighbor,
Metric, Neighbor-Tag
Meaning
Related
Documentation
The output displays the configured policies per prefix per primary next-hop interface.
77
Configure the router interfaces. See the Junos OS Network Management Administration
Guide for Routing Devices
Configure an interior gateway protocol or static routing. See the Junos OS Routing
Protocols Library for Routing Devices
[edit protocols]
user@host# set rsvp interface all
3. Configure administrative groups.
[edit routing-options]
user@host# set srlg srlg-name srlg-value srlg-value
5. Enable MPLS on all the interfaces.
[edit protocols]
user@host# set isis interface all level 2 metric 10
9. Apply the routing policy to all equal cost multipaths exported from the routing table
You can choose to exclude, include all, include any, or prefer the administrative groups
from the backup path.
[edit routing-options]
user@host# set backup-selection destination ip-address interface interface-name
admin-group
78
The backup path is not selected as the loop-free alternate (LFA) or backup nexthop
if any of the links in the path have any one of the listed administrative groups.
For example, to exclude the group c1 from the administrative group:
[edit routing-options backup-selection destination 0.0.0.0/0 interface all
admin-group]
user@host# set exclude c1
Configure all the administrative groups if each link in the backup path requires all
the listed administrative groups in order to accept the path.
[edit routing-options backup-selection destination ip-address interface interface-name
admin-group]
user@host# set include-all group-name
For example, to set all the administrative groups if each link requires all the listed
administrative groups in order to accept the path:
[edit routing-options backup-selection destination 0.0.0.0/0 interface all
admin-group]
user@host# set include-all c2
Configure any administrative group if each link in the backup path requires at least
one of the listed administrative groups in order to select the path.
[edit routing-options backup-selection destination ip-address interface interface-name
admin-group]
user@host# set include-any group-name
For example, to set any administrative group if each link in the backup path requires
at least one of the listed administrative groups in order to select the path:
[edit routing-options backup-selection destination 0.0.0.0/0 interface all
admin-group]
user@host# set include-any c3
Define an ordered set of administrative group that specifies the preference of the
backup path.
The leftmost element in the set is given the highest preference.
[edit routing-options backup-selection destination ip-address interface interface-name
admin-group]
user@host# set preference group-name
For example, to set an ordered set of administrative group that specifies the
preference of the backup path:
[edit routing-options backup-selection destination 0.0.0.0/0 interface all
admin-group]
user@host# set preference c4
11. Configure the backup path to allow the selection of the backup next hop only if the
bandwidth is greater than or equal to the bandwidth of the primary next hop.
[edit routing-options]
79
the remote router such as an RSVP backup label-switched-path (LSP) tail-end router
to the final destination.
The destination metric can be either highest or lowest.
Configure the backup path that has the highest destination metric.
[edit routing-options]
user@host# set backup-selection destination ip-address interface interface-name
dest-metric highest
Configure the backup path that has the lowest destination metric.
[edit routing-options]
user@host# set backup-selection destination ip-address interface interface-name
dest-metric lowest
13. Configure the backup path that is a downstream path to the destination.
[edit routing-options]
user@host# set backup-selection destination ip-address interface interface-name
downstream-paths-only
14. Set the order of preference of the root and the destination metric during backup path
selection.
The preference order can be :
[root dest] Backup path selection or preference is first based on the root-metric
criteria. If the criteria of all the root-metric is the same, then the selection or
preference is based on the dest-metric.
[dest root] Backup path selection or preference is first based on the dest-metric
criteria. If the criteria of all the dest-metric is the same, then the selection is based
on the root-metric.
[edit routing-options]
user@host# set backup-selection destination ip-address interface interface-name
metric-order root
user@host# set backup-selection destination ip-address interface interface-name
metric-order dest
15. Configure the backup path to define a list of loop-back IP addresses of the adjacent
80
The backup path that has a router from the list is not selected as the loop-free
alternative or backup next hop.
[edit routing-options]
user@host# set backup-selection destination ip-address interface all neighbor-tag
Configure to not select the backup path as the loop-free alternative or backup-next
hop if any node or router with route-tag is present in the path.
[edit routing-options backup-selection destination ip-address interface interface-name
neighbor-tag]
user@host# set exclude route-tag
For example, to not select the backup path as the loop-free alternative or
backup-next hop if any node or router with 1004 route-tag is present in the path:
[edit routing-options backup-selection destination 0.0.0.0/0 interface all
neighbor-tag]
user@host# set exclude 1004
For example, to configure the set of route tags in descending order of preference:
[edit routing-options backup-selection destination 0.0.0.0/0 interface all
neighbor-tag]
user@host# set preference 1006
17. Configure the backup path to specify the required protection type of the backup path
Select the backup path that allows either node or link protection LFA where
node-protection LFA is preferred over link-protection LFA.
[edit routing-options]
81
19. Configure the backup selection path to either allow or reject the common shared risk
link groups (SRLGs) between the primary link and each link in the backup path.
Configure the backup path to allow common srlgs between the primary link and
each link in the backup path.
[edit routing-options]
user@host# set backup-selection destination ip-address interface all srlg loose
Configure the backup path to reject the backup path that has common srlgs between
the primary link and each link in the backup path.
[edit routing-options]
user@host# set backup-selection destination ip-address interface all srlg strict
20. Configure the backup path to control the order and the criteria of evaluating the backup
path based on the administrative group, srlg, bandwidth, protection type, neighbor,
neighbor-tag, and metric. The default order of evaluation is admin-group, srlg,
bandwidth, protection-type, neighbor, neighbor-tag, and metric.
[edit routing-options]
user@host# set backup-selection destination ip-address interface all evaluation-order
admin-group
user@host# set backup-selection destination ip-address interface all evaluation-order
srlg
user@host# set backup-selection destination ip-address interface all evaluation-order
bandwidth
Related
Documentation
82
Requirements on page 83
Overview on page 83
Configuration on page 84
Verification on page 89
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
Export policy can be applied to IS-IS to facilitate route redistribution.
Junos OS does not support the application of import policy for link-state routing protocols
like IS-IS because such policies can lead to inconsistent link-state database (LSDB)
entries, which in turn can result in routing inconstancies.
In this example, OSPF routes 192.168.0/24 through 192.168.3/24 are redistributed into
IS-IS area 49.0002 from Device R2.
In addition, policies are configured to ensure that Device R1 can reach destinations on
the 10.0.0.44/30 network, and that Device R3 can reach destinations on the 10.0.0.36/30
network. This enables end-to-end reachability.
Figure 8 on page 84 shows the topology used in this example.
83
lo0:172.16.3.5
fe-1/2/0
.38
R1
10.0.0.36/30
lo0:172.16.9.7
fe-1/2/1
.37
R2
.45 fe-1/2/0
10.0.0.44/30
.46
fe-1/2/0
OSPF
(192.168.0-3/24)
g041258
R3
CLI Quick Configuration on page 84 shows the configuration for all of the devices in
Figure 8 on page 84. The section Step-by-Step Procedure on page 85 describes the
steps on Device R2. Step-by-Step Procedure on page 86 describes the steps on Device
R3.
Configuration
CLI Quick
Configuration
84
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Device R2
Device R3
Step-by-Step
Procedure
2.
Configure IS-IS on the interface facing Device R1 and the loopback interface.
[edit protocols isis]
user@R2# set interface fe-1/2/1.0
user@R2# set interface lo0.0
3.
Configure the policy that enables Device R1 to reach the 10.0.0.44/30 network.
[edit policy-options policy-statement send-direct-to-isis-neighbors]
user@R2# set from protocol direct
user@R2# set from route-filter 10.0.0.44/30 exact
user@R2# set then accept
4.
Apply the policy that enables Device R1 to reach the 10.0.0.44/30 network.
85
6.
7.
8.
Configure the policy that enables Device R3 to reach the 10.0.0.36/30 network.
[edit policy-options policy-statement send-direct-to-ospf-neighbors]
user@R2# set from protocol direct
user@R2# set from route-filter 10.0.0.36/30 exact
user@R2# set then accept
9.
Apply the policy that enables Device R3 to reach the 10.0.0.36/30 network.
[edit protocols ospf]
user@R2# set export send-direct-to-ospf-neighbors
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure multi-level IS-IS:
1.
2.
86
3.
4.
5.
Results
Device R2
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, show policy-options, and show routing-options commands. If the output
does not display the intended configuration, repeat the instructions in this example to
correct the configuration.
user@R2# show interfaces
fe-1/2/1 {
unit 0 {
description to-R5;
family inet {
address 10.0.0.37/30;
}
family iso;
}
}
fe-1/2/0 {
unit 0 {
description to-OSPF-network;
family inet {
address 10.0.0.45/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 172.16.9.7/32;
}
family iso {
address 49.0002.0172.0016.0907.00;
}
}
}
user@R2# show protocols
isis {
export [ ospf-isis send-direct-to-isis-neighbors ];
interface fe-1/2/1.0;
interface lo0.0;
}
87
ospf {
export send-direct-to-ospf-neighbors;
area 0.0.0.1 {
interface fe-1/2/0.0;
interface lo0.0 {
passive;
}
}
}
user@R2# show policy-options
policy-statement ospf-isis {
term 1 {
from {
protocol ospf;
route-filter 192.168.0.0/22 longer;
}
then accept;
}
}
policy-statement send-direct-to-isis-neighbors {
from {
protocol direct;
route-filter 10.0.0.44/30 exact;
}
then accept;
}
policy-statement send-direct-to-ospf-neighbors {
from {
protocol direct;
route-filter 10.0.0.36/30 exact;
}
then accept;
}
Device R3
88
export ospf;
area 0.0.0.1 {
interface fe-1/2/0.0;
interface lo0.0 {
passive;
}
}
}
user@R3# show policy-options
policy-statement ospf {
term 1 {
from protocol static;
then accept;
}
}
user@R3# show routing-options
static {
route 192.168.0.0/24 discard;
route 192.168.1.0/24 discard;
route 192.168.3.0/24 discard;
route 192.168.2.0/24 discard;
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
89
192.168.2.1/32
192.168.3.0/24
192.168.3.1/32
224.0.0.5/32
Meaning
Make sure that the expected routes are redistributed from OSPF into IS-IS.
From operational mode on Device R1, enter the show route protocol isis command.
user@R1> show route protocol isis
tag2 1
tag2 1
tag2 1
tag2 1
Meaning
Verifying Connectivity
Purpose
Action
90
Meaning
Related
Documentation
These results confirm that Device R1 can reach the destinations in the OSPF network.
Example: Configuring IS-IS Route Leaking from a Level 2 Area to a Level 1 Area
This example shows how to leak prefixes in an IS-IS network from a Level 2 area to a
Level 1 area.
Requirements on page 91
Overview on page 91
Configuration on page 92
Verification on page 96
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
Every routing protocol passes routing information up or down the routing hierarchy. This
bidirectional flow of routing information is known as route leaking.
By default, IS-IS protocol leaks routing information from a Level 1 area to a Level 2 area.
However, to leak routing information from a Level 2 area to a Level 1 area, an export policy
must be explicitly configured.
Topology
In this example, Devices R3 and R4 are configured in a Level 2 area. Devices R5, R6, and
R7 are configured in a Level 1 area.
Figure 9 on page 92 shows the topology used in this example.
91
192.168.0.3/32
R3
10.0.0.0/30
Level 1
.21
R6
.30
10.0.0.0/30
Level 2
.17
.33
.22
R5
.18
.26
.29
.38
.34
.25
.37
R4
R7
192.168.0.4/32
49.0001
192.168.0.7/32
49.0002
g040934
192.168.0.5/32
Configuration
Configuring Route Leaking from a Level 2 Area to a Level 1 Area
92
CLI Quick
Configuration
To quickly configure route leaking from a Level 2 area to a Level 1 area, copy the following
commands, paste them into a text file, remove any line breaks, change any details
necessary to match your network configuration, and then copy and paste the commands
into the CLI at the [edit] hierarchy level.
Device R3
Device R4
Device R5
Device R6
Device R7
93
The following example requires that you navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure route leaking from a Level 2 area to a Level 1 area:
1.
3.
4.
Configure a route leaking policy on the routers configured in the Level 2 area to leak
routes into the Level 1 area.
[edit policy-options policy-statement leak-L2-to-L1]
user@R3# set from route-filter 192.168.0.0/24 orlonger
user@R3# set from protocol isis
user@R3# set from level 2
user@R3# set to protocol isis
user@R3# set to level 1
user@R3# set then accept
[edit protocols isis]
user@R3# set export leak-L2-to-L1
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols isis, and show policy-options commands.
94
If the output does not display the intended configuration, repeat the instructions in this
example to correct the configuration.
user@R3# show interfaces
fe-1/2/0 {
unit 0 {
description to-R4;
family inet {
address 10.0.0.17/30;
}
family iso;
}
}
fe-1/2/1 {
unit 0 {
description to-R5;
family inet {
address 10.0.0.21/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.3/32;
}
family iso {
address 49.0001.0192.0168.0003.00;
}
}
}
user@R3# show protocols isis
export leak-L2-to-L1;
interface fe-1/2/0.0 {
level 1 disable;
}
interface fe-1/2/1.0 {
level 1 disable;
}
interface lo0.0 {
level 1 disable;
}
95
Similarly, confirm the configuration on all other routers. If you are done configuring the
routers, enter commit from configuration mode.
Verification
Verifying Route Leaking from a Level 2 Area to a Level 1 Area
Purpose
Action
Verify that IS-IS leaks routes from a Level 2 area to a Level 1 area.
To verify that route leaking is taking place, use the following commands:
show isis adjacency (to verify that the IS-IS network is up and adjacencies have been
established)
show isis database detail (to verify the presence of leaked routes)
1.
From operational mode on Device R3, run the show isis adjacency command.
user@R3> show isis adjacency
Interface
System
fe-1/2/0.0
R4
fe-1/2/1.0
R5
L State
2 Up
2 Up
The output verifies that the interfaces on Device R3 are up and have established
adjacencies with the connecting interfaces on Routers R4 and R5. If you dont see the
interfaces being functional, see the Results on page 94 section for troubleshooting
your configuration.
2. From operational mode on Device R3, run the show isis database detail command.
user@R3> show isis database detail
IS-IS level 1 link-state database:
R3.00-00 Sequence: 0x19, Checksum: 0x3453, Lifetime: 1078 secs
IP prefix: 192.168.0.4/32
Metric:
10 Internal Down
IP prefix: 192.168.0.5/32
Metric:
10 Internal Down
IP prefix: 192.168.0.6/32
Metric:
20 Internal Down
IP prefix: 192.168.0.7/32
Metric:
20 Internal Down
IS-IS level 2 link-state database:
R3.00-00 Sequence: 0x1c, Checksum: 0xc657, Lifetime: 1078 secs
IS neighbor: R4.02
Metric:
10
IS neighbor: R5.02
Metric:
10
IP prefix: 10.0.0.16/30
Metric:
10 Internal Up
IP prefix: 10.0.0.20/30
Metric:
10 Internal Up
IP prefix: 192.168.0.3/32
Metric:
0 Internal Up
R4.00-00 Sequence: 0x19, Checksum: 0xea13, Lifetime: 1076 secs
IS neighbor: R4.02
Metric:
10
IS neighbor: R5.03
Metric:
10
IP prefix: 10.0.0.16/30
Metric:
10 Internal Up
IP prefix: 10.0.0.24/30
Metric:
10 Internal Up
IP prefix: 192.168.0.4/32
Metric:
0 Internal Up
R4.02-00 Sequence: 0x17, Checksum: 0xecab, Lifetime: 1076 secs
IS neighbor: R3.00
Metric:
0
IS neighbor: R4.00
Metric:
0
96
Internal
Internal
Internal
Internal
Internal
Internal
Internal
Internal
Up
Up
Up
Up
Up
Up
Up
Up
The Down keyword identifies the routes that have successfully leaked from the Level
2 area to the Level 1 area.
Meaning
97
a single community value or multiple community values. When more than one value is
assigned to a community name, the routing device interprets this as a logical AND of the
community values. In other words, a route must have all of the configured values before
being assigned the community name.
The regular community attribute is four octets. Networking enhancements, such as VPNs,
have functionality requirements that can be satisfied by an attribute such as a community.
However, the 4-octet community value does not provide enough expansion and flexibility
to accommodate VPN requirements. This leads to the creation of extended communities.
An extended community is an 8-octet value that is also divided into two main sections.
The first 2 octets of the community encode a type field while the last 6 octets carry a
unique set of data in a format defined by the type field. Extended communities provide
a larger range for grouping or categorizing communities.
The BGP extended communities attribute format has three fields:
type:administrator:assigned-number. The routing device expects you to use the words
target or origin to represent the type field. The administrator field uses a decimal number
for the AS or an IPv4 address, while the assigned number field expects a decimal number
no larger than the size of the field (65,535 for 2 octets or 4,294,967,295 for 4 octets).
When specifying community IDs for standard and extended community attributes, you
can use UNIX-style regular expressions. The only exception is for VPN import policies
(vrf-import), which do not support regular expressions for the extended communities
attribute.
Related
Documentation
How BGP Communities and Extended Communities Are Evaluated in Routing Policy
Match Conditions
98
Requirements on page 99
Overview on page 99
Configuration on page 99
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
Figure 10 on page 99 shows the topology used in this example.
Figure 10: Redistributing BGP Routes with a Specific Community Tag into
IS-IS
AS 1
IS-IS
10.0.0.4/30
fe-1/2/0
D
.5
IBGP
.14
.6
.13
.9
AS 2
10.0.0.12/30
10.0.0.8/30
fe-1/2/1
.10
.25
10.0.0.24/30
.26
C
fe-1/2/1
IBGP
fe-1/2/0
fe-1/2/2
EBGP
10.2/16
10.3/16
g041311
In this example, Device A, Device B, Device C, and Device D are in autonomous system
(AS) 1 and are running IS-IS. All of the AS 1 devices, except Device D, are running internal
BGP (IBGP).
Device E is in AS 2 and has an external BGP (EBGP) peering session with Device C. Device
E has two static routes, 10.2.0.0/16 and 10.3.0.0/16. These routes are tagged with the
Edu 2:5 community attribute and are advertised by way of EBGP to Device C.
Device C accepts the BGP routes that are tagged with the Edu 2:5 community attribute,
redistributes the routes into IS-IS, and applies an IS-IS metric of 63 to these routes.
CLI Quick Configuration on page 99 shows the configuration for all of the devices in
Figure 10 on page 99. The section Step-by-Step Procedure on page 101 describes the
steps on Device C and Device E.
Configuration
CLI Quick
Configuration
Device A
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.5/30
set interfaces fe-1/2/0 unit 0 family iso
set interfaces lo0 unit 0 family inet address 192.168.0.1/32
set interfaces lo0 unit 0 family iso address 49.0002.0192.0168.0001.00
set protocols bgp group int type internal
set protocols bgp group int local-address 192.168.0.1
99
100
Device B
Device C
Device D
Device E
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure Device E:
1.
2.
Configure the statics policy, which adds the Edu community attribute to the static
routes.
[edit policy-options]
user@E# set policy-statement statics from protocol static
user@E# set policy-statement statics then community add Edu
user@E# set policy-statement statics then accept
user@E# set community Edu members 2:5
101
3.
4.
5.
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure Device C:
1.
2.
Configure IBGP.
[edit protocols bgp group int]
user@C# set type internal
user@C# set local-address 192.168.0.3
user@C# set neighbor 192.168.0.1
user@C# set neighbor 192.168.0.2
3.
Configure the Edu-to-isis policy, which redistributes the Edu-tagged BGP routes
learned from Device E and applies a metric of 63.
[edit policy-options]
user@C# set policy-statement Edu-to-isis term 1 from protocol bgp
user@C# set policy-statement Edu-to-isis term 1 from community Edu
user@C# set policy-statement Edu-to-isis term 1 then metric 63
user@C# set policy-statement Edu-to-isis term 1 then accept
user@C# set community Edu members 2:5
4.
102
6.
7.
Results
Device E
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, show policy-options, and show routing-options commands. If the output
does not display the intended configuration, repeat the instructions in this example to
correct the configuration.
user@E# show interfaces
fe-1/2/0 {
unit 0 {
family inet {
address 10.0.0.26/30;
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.5/32 {
primary;
}
address 10.2.0.1/32;
address 10.3.0.1/32;
}
}
}
103
Device C
104
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.3/32;
}
family iso {
address 49.0002.0192.0168.0003.00;
}
}
}
user@C# show protocols
bgp {
group int {
type internal;
local-address 192.168.0.3;
neighbor 192.168.0.1;
neighbor 192.168.0.2;
}
group external-peers {
type external;
export send-isis-and-direct;
peer-as 2;
neighbor 10.0.0.26;
}
}
isis {
export Edu-to-isis;
interface fe-1/2/0.0 {
level 1 disable;
}
interface fe-1/2/1.0 {
level 1 disable;
}
interface fe-1/2/2.0 {
level 1 disable;
level 2 passive;
}
interface lo0.0;
}
user@C# show policy-options
policy-statement Edu-to-isis {
term 1 {
from {
protocol bgp;
community Edu;
}
then {
metric 63;
accept;
}
}
}
105
policy-statement send-isis-and-direct {
term 1 {
from {
protocol [ isis direct ];
route-filter 10.0.0.0/16 orlonger;
route-filter 192.168.0.0/16 orlonger;
}
then accept;
}
}
community Edu members 2:5;
user@C# show routing-options
router-id 192.168.0.3;
autonomous-system 1;
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Action
Verify that the BGP routes from Device E are communicated on the IS-IS network in AS
1.
From operational mode, enter the show route protocol isis command.
user@D> show route protocol isis
inet.0: 11 destinations, 11 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.4/30
10.0.0.8/30
10.0.0.24/30
10.2.0.0/16
10.3.0.0/16
192.168.0.1/32
192.168.0.2/32
192.168.0.3/32
Meaning
106
As expected, the 10.2.0.0/16 and 10.3.0.0/16 routes are in Device Ds routing table as
IS-IS external routes with a metric of 73. If Device C had not added 63 to the metric,
Device D would have a metric of 10 for these routes.
Related
Documentation
NOTE: Route tagging does not work when IS-IS traffic engineering is disabled.
protocols {
isis {
export tag-lo0;
}
}
policy-options {
policy-statement tag-lo0 {
from {
interface lo0.0;
}
then {
accept;
tag 200;
}
}
}
You can verify that the tag has been correctly applied by using the show isis database
extensive command. In the command output, look for the Administrative tag field.
After verifying that the routes are tagged correctly, you can apply a route leaking policy
to match against the presence of administrative tags, rather than specifying a list of route
filters.
protocols {
isis {
export leak-tagged-L2-to-L1;
}
}
policy-options {
policy-statement leak-tagged-L2-to-L1 {
from {
tag 200;
protocol isis;
level 2;
}
to {
protocol isis;
level 1;
107
}
then accept;
}
}
Related
Documentation
108
Example: Configuring IS-IS Route Leaking from a Level 2 Area to a Level 1 Area on
page 91
CHAPTER 5
To detect failures in the network, the set of statements in Table 3 on page 110 are used
in the configuration.
109
Description
bfd-liveness-detection
minimum-interval
milliseconds
Specify the minimum transmit and receive intervals for failure detection.
This value represents the minimum interval at which the local router transmits hellos packets as
well as the minimum interval at which the router expects to receive a reply from a neighbor with
which it has established a BFD session. You can configure a number from 1 through
255,000 milliseconds. You can also specify the minimum transmit and receive intervals separately.
NOTE: BFD is an intensive protocol that consumes system resources. Specifying a minimum interval
for BFD less than 100 ms for Routing Engine-based sessions and 10 ms for distributed BFD sessions
can cause undesired BFD flapping.
Depending on your network environment, these additional recommendations might apply:
minimum-receive-interval
milliseconds
For large-scale network deployments with a large number of BFD sessions, specify a minimum
interval of 300 ms for Routing Engine-based sessions and 100 ms for distributed BFD sessions.
For very large-scale network deployments with a large number of BFD sessions, please contact
Juniper Networks customer support for more information.
For BFD sessions to remain up during a Routing Engine switchover event when nonstop active
routing (NSR) is configured, specify a minimum interval of 2500 ms for Routing Engine-based
sessions. For distributed BFD sessions with nonstop active routing configured, the minimum
interval recommendations are unchanged and depend only on your network deployment.
multiplier number
Specify the number of hello packets not received by the neighbor that causes the originating
interface to be declared down.
The default is 3, and you can configure a value from 1 through 225.
no-adaptation
threshold
Transmit interval
NOTE: The threshold value must be greater than the minimum transmit interval multiplied by the
multiplier number.
110
Description
transmit-interval
minimum-interval
version
NOTE: You can trace BFD operations by including the traceoptions statement
at the [edit protocols bfd] hierarchy level.
For a list of hierarchy levels at which you can include these statements, see the statement
summary sections for these statements.
Related
Documentation
NOTE: BFD is not supported with ISIS for IPV6 on QFX10000 series switches.
Requirements
Before you begin, configure IS-IS on both routers. See Example: Configuring IS-IS on
page 14 for information about the required IS-IS configuration.
This example uses the following hardware and software components:
111
Overview
This example shows two routers connected to each other. A loopback interface is
configured on each router. IS-IS and BFD protocols are configured on both routers.
Figure 11 on page 112 shows the sample network.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Router R1
set protocols isis interface so-0/0/0 bfd-liveness-detection detection-time threshold 5
set protocols isis interface so-0/0/0 bfd-liveness-detection minimum-interval 2
set protocols isis interface so-0/0/0 bfd-liveness-detection minimum-receive-interval 1
set protocols isis interface so-0/0/0 bfd-liveness-detection no-adaptation
set protocols isis interface so-0/0/0 bfd-liveness-detection transmit-interval threshold 3
set protocols isis interface so-0/0/0 bfd-liveness-detection transmit-interval
minimum-interval 1
set protocols isis interface so-0/0/0 bfd-liveness-detection multiplier 2
set protocols isis interface so-0/0/0 bfd-liveness-detection version automatic
Router R2
set protocols isis interface so-0/0/0 bfd-liveness-detection detection-time threshold 6
set protocols isis interface so-0/0/0 bfd-liveness-detection minimum-interval 3
set protocols isis interface so-0/0/0 bfd-liveness-detection minimum-receive-interval 1
set protocols isis interface so-0/0/0 bfd-liveness-detection no-adaptation
set protocols isis interface so-0/0/0 bfd-liveness-detection transmit-interval threshold 4
set protocols isis interface so-0/0/0 bfd-liveness-detection transmit-interval
minimum-interval 1
set protocols isis interface so-0/0/0 bfd-liveness-detection multiplier 2
set protocols isis interface so-0/0/0 bfd-liveness-detection version automatic
112
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode.
NOTE: To simply configure BFD for IS-IS, only the minimum-interval statement
is required. The BFD protocol selects default parameters for all the other
configuration statements when you use the bfd-liveness-detection statement
without specifying any parameters.
NOTE: You can change parameters at any time without stopping or restarting
the existing session. BFD automatically adjusts to the new parameter value.
However, no changes to BFD parameters take place until the values
resynchronize with each BFD peer.
2.
Configure the threshold for the adaptation of the detection time, which must be
greater than the multiplier number multiplied by the minimum interval.
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R1# set detection-time threshold 5
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R2# set detection-time threshold 6
3.
Configure the minimum transmit and receive intervals for failure detection.
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R1# set minimum-interval 2
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R2# set minimum-interval 3
4.
5.
113
Configure the threshold for the transmit interval, which must be greater than the
minimum transmit interval.
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R1# set transmit-interval threshold 3
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R2# set transmit-interval threshold 4
7.
8.
Configure the multiplier number, which is the number of hello packets not received
by the neighbor that causes the originating interface to be declared down.
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R1# set multiplier 2
[edit protocols isis interface so-0/0/0 bfd-liveness-detection]
user@R2# set multiplier 2
9.
Results
From configuration mode, confirm your configuration by issuing the show protocols isis
interface command. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
user@R1# show protocols isis interface so-0/0/0
bfd-liveness-detection {
version automatic;
minimum-interval 2;
minimum-receive-interval 1;
multiplier 2;
no-adaptation;
transmit-interval {
minimum-interval 1;
threshold 3;
}
detection-time {
threshold 5;
}
}
...
114
Verification
Confirm that the configuration is working properly.
Meaning
115
Meaning
Make sure that the BFD instance is running on both routers, R1 and R2.
Use the show bfd session detail statement to check if BFD instance is running on the
routers.
user@R1> show bfd session detail
Detect
Address
State
Interface
Time
10.0.0.2
Up
so-0/0/0
2.000
Client ISIS R2, TX interval 0.001, RX interval 0.001
Client ISIS R1, TX interval 0.001, RX interval 0.001
Session down time 00:00:00, previous up time 00:00:15
Local diagnostic NbrSignal, remote diagnostic NbrSignal
Remote state AdminDown, version 1
116
Transmit
Interval
1.000
Multiplier
2
Transmit
Interval
1.000
Multiplier
2
1 sessions, 1 clients
Cumulative transmit rate 1.0 pps, cumulative receive rate 1.0 pps
Meaning
Related
Documentation
BFD is configured on Routers R1 and R2 for detecting failures in the IS-IS network.
117
authenticate the BFD session. One or more passwords might be configured. This method
is the least secure and should be used only when BFD sessions are not subject to packet
interception.
keyed-md5Keyed Message Digest 5 hash algorithm for sessions with transmit and
receive intervals greater than 100 ms. To authenticate the BFD session, keyed MD5
uses one or more secret keys (generated by the algorithm) and a sequence number
that is updated periodically. With this method, packets are accepted at the receiving
end of the session if one of the keys matches and the sequence number is greater than
or equal to the last sequence number received. Although more secure than a simple
password, this method is vulnerable to replay attacks. Increasing the rate at which the
sequence number is updated can reduce this risk.
method works in the same manner as keyed MD5, but the sequence number is updated
with every packet. Although more secure than keyed MD5 and simple passwords, this
method might take additional time to authenticate the session.
keyed-sha-1Keyed Secure Hash Algorithm I for sessions with transmit and receive
intervals greater than 100 ms. To authenticate the BFD session, keyed SHA uses one
or more secret keys (generated by the algorithm) and a sequence number that is
updated periodically. The key is not carried within the packets. With this method,
packets are accepted at the receiving end of the session if one of the keys matches
and the sequence number is greater than the last sequence number received.
works in the same manner as keyed SHA, but the sequence number is updated with
every packet. Although more secure than keyed SHA and simple passwords, this method
might take additional time to authenticate the session.
118
and they must match. Any mismatch in configuration prevents the BFD session from
being created.
BFD allows multiple clients per session, and each client can have its own keychain and
algorithm defined. To avoid confusion, we recommend specifying only one security
authentication keychain.
The following sections provide instructions for configuring and viewing BFD authentication
on IS-IS:
119
2. Specify the keychain to be used to associate BFD sessions on the specified IS-IS route
At least one key, a unique integer between 0 and 63. Creating multiple keys allows
multiple clients to use the BFD session.
120
AM PST. Key 2 contains the secret data $9$a5jiKW9l.reP38ny.TszF2/9 and a start time
of June 1, 2009, at 3:29:20 PM PST.
[edit protocols isis]
interface if1-isis {
bfd-liveness-detection {
authentication {
algorithm keyed-sha-1;
key-chain bfd-isis;
}
}
}
[edit security]
authentication key-chains {
key-chain bfd-isis {
key 1 {
secret $9$ggaJDmPQ6/tJgF/AtREVsyPsnCtUHm;
start-time 2009-6-1.09:46:02 -0700;
}
key 2 {
secret $9$a5jiKW9l.reP38ny.TszF2/9;
start-time 2009-6-1.15:29:20 -0700;
}
}
}
If you commit these updates to your configuration, you see output similar to the following.
In the output for the show bfd sessions detail command, Authenticate is displayed to
indicate that BFD authentication is configured. For more information about the
configuration, use the show bfd sessions extensive command. The output for this
command provides the keychain name, the authentication algorithm and mode for each
client in the session, and the overall BFD authentication configuration status, keychain
name, and authentication algorithm and mode.
show bfd sessions detail
user@host# show bfd session detail
Detect
Transmit
Address
State
Interface
Time
Interval Multiplier
10.9.1.29
Up
ge-4/0/0.0
0.600
0.200
3
Client ISIS L2, TX interval 0.200, RX interval 0.200, multiplier 3, Authenticate
Session up time 3d 00:34, previous down time 00:00:01
Local diagnostic NbrSignal, remote diagnostic AdminDown
Remote state Up, version 1
1 sessions, 1 clients
Cumulative transmit rate 10.0 pps, cumulative receive rate 10.0 pps
121
Related
Documentation
Requirements
Before you begin, configure IS-IS on both routers. See Example: Configuring IS-IS on
page 14 for information about the required IS-IS configuration.
Overview
In this example, a BFD authentication keychain is configured with meticulous keyed MD5
authentication.
Figure 12 on page 122 shows the topology used in this example.
122
10.0.0.0/30
.2
R1
R2
lo0:192.168.0.1
lo0:192.168.0.2
g041282
.1
CLI Quick Configuration on page 123 shows the configuration for both of the devices in
Figure 12 on page 122. The section Step-by-Step Procedure on page 123 describes the
steps on Device R1.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Device R2
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS BFD authentication:
1.
123
Enable BFD.
[edit protocols isis interface ge-1/2/0.0 bfd-liveness-detection]
user@R1# set minimum-interval 100
3.
4.
Results
From configuration mode, confirm your configuration by entering the show protocols and
show security commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show protocols
isis {
interface ge-1/2/0.0 {
bfd-liveness-detection {
minimum-interval 100;
authentication {
key-chain secret123;
algorithm meticulous-keyed-md5;
}
}
}
}
user@R1# show security
authentication-key-chains {
key-chain secret123 {
description for-isis-bfd;
key 1 {
secret "$9$cW-yrv"; ## SECRET-DATA
start-time "2012-5-31.13:00:00 -0700";
}
key 2 {
secret "$9$m5T3"; ## SECRET-DATA
start-time "2013-5-31.13:00:00 -0700";
}
key 3 {
secret "$9$mTQn"; ## SECRET-DATA
start-time "2014-5-31.13:00:00 -0700";
}
}
}
If you are done configuring the device, enter commit from configuration mode.
124
Verification
Confirm that the configuration is working properly.
Meaning
Related
Documentation
The output shows that BFD authentication is enabled on IS-IS Level 1 and Level 2.
125
126
CHAPTER 6
Understanding Dual Stacking of IPv4 and IPv6 Unicast Addresses on page 142
Example: Configuring IS-IS Dual Stacking of IPv4 and IPv6 Unicast Addresses on page 144
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
NOTE: IS-IS only starts advertising the routes when the interface routes are
in inet.2.
127
Table 4 on page 128 lists the various IPv4 statements you can use to configure IS-IS
topologies.
Description
ipv4-multicast
ipv4-multicast-metric number
no-ipv4-multicast
no-unicast-topology
Table 5 on page 128 lists the various IPv6 statements you can use to configure IS-IS
topologies.
Description
ipv6-multicast
ipv6-multicast-metric number
ipv6-unicast-metric number
no-ipv6-multicast
no-ipv6-unicast
For a list of hierarchy levels at which you can include these statements, see the statement
summary sections for these statements.
Related
Documentation
128
Requirements
Before you begin, configure IS-IS on all routers. See Example: Configuring IS-IS on
page 14 for information about the required IS-IS configuration.
This example uses the following hardware and software components:
Overview
This example shows an IS-IS multicast topology configuration. Three routers are
connected to each other. A loopback interface is configured on each router.
Figure 13 on page 129 shows the sample network.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Router R1
set protocols isis traceoptions file isis size 5m world-readable
129
Router R2
set protocols isis traceoptions file isis size 5m world-readable
set protocols isis traceoptions flag error
set protocols isis topologies ipv4-multicast
set protocols isis interface so-0/0/0 level 1 metric 13
set protocols isis interface so-0/0/0 level 1 ipv4-multicast-metric 12
set protocols isis interface so-0/0/0 level 2 metric 29
set protocols isis interface so-0/0/0 level 2 ipv4-multicast-metric 23
set protocols isis interface so-1/0/0 level 1 metric 14
set protocols isis interface so-1/0/0 level 1 ipv4-multicast-metric 18
set protocols isis interface so-1/0/0 level 2 metric 32
set protocols isis interface so-1/0/0 level 2 ipv4-multicast-metric 26
set protocols isis interface fxp0.0 disable
Router R3
set protocols isis traceoptions file isis size 5m world-readable
set protocols isis traceoptions flag error
set protocols isis topologies ipv4-multicast
set protocols isis interface so-0/0/0 level 1 metric 19
set protocols isis interface so-0/0/0 level 1 ipv4-multicast-metric 11
set protocols isis interface so-0/0/0 level 2 metric 27
set protocols isis interface so-0/0/0 level 2 ipv4-multicast-metric 21
set protocols isis interface so-1/0/0 level 1 metric 16
set protocols isis interface so-1/0/0 level 1 ipv4-multicast-metric 26
set protocols isis interface so-1/0/0 level 2 metric 30
set protocols isis interface so-1/0/0 level 2 ipv4-multicast-metric 20
set protocols isis interface fxp0.0 disable
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS multicast topologies:
1.
Enable the multicast topology for IS-IS by using the ipv4-multicast statement.
Routers R1, R2, and R3
[edit protocols isis]
user@host# set traceoptions file isis size 5m world-readable
user@host# set traceoptions flag error
user@host# set topologies ipv4-multicast
130
ipv4-multicast-metric statement.
Router R1
[edit protocols isis interface so-0/0/0 ]
user@R1# set level 1 metric 15
user@R1# set level 1 ipv4-multicast-metric 18
user@R1# set level 2 metric 20
user@R1# set level 2 ipv4-multicast-metric 14
Router R2
[edit protocols isis interface so-0/0/0]
user@R2# set level 1 metric 13
user@R2# set level 1 ipv4-multicast-metric 12
user@R2# set level 2 metric 29
user@R2# set level 2 ipv4-multicast-metric 23
Router R3
[edit protocols isis interface so-0/0/0]
user@R3# set level 1 metric 19
user@R3# set level 1 ipv4-multicast-metric 11
user@R3# set level 2 metric 27
user@R3# set level 2 ipv4-multicast-metric 21
3. Enable multicast metrics on a second sonet Interface by using the ipv4-multicast-metric
statement.
Router R1
[edit protocols isis interface so-1/0/0]
user@R1# set level 1 metric 13
user@R1# set level 1 ipv4-multicast-metric 12
user@R1# set level 2 metric 29
user@R1# set level 2 ipv4-multicast-metric 23
Router R2
[edit protocols isis interface so-1/0/0]
user@R2# set level 1 metric 14
user@R2# set level 1 ipv4-multicast-metric 18
user@R2# set level 2 metric 32
user@R2# set level 2 ipv4-multicast-metric 26
Router R3
[edit protocols isis interface so-1/0/0]
user@R3# set level 1 metric 16
user@R3# set level 1 ipv4-multicast-metric 26
user@R3# set level 2 metric 30
user@R3# set level 2 ipv4-multicast-metric 20
4. Disable the out-of-band management port, fxp0.
131
Results
From configuration mode, confirm your configuration by using the show protocols isis
statement. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
Router R1
user@R1# show protocols isis
traceoptions {
file isis size 5m world-readable;
flag error;
}
topologies ipv4-multicast;
interface so-0/0/0 {
level 1 {
metric 15;
ipv4-multicast-metric 18;
}
level 2 {
metric 20;
ipv4-multicast-metric 14;
}
}
interface so-1/0/0 {
level 1 {
metric 13;
ipv4-multicast-metric 12;
}
level 2 {
metric 29;
ipv4-multicast-metric 23;
}
}
interface fxp0.0 {
disable;
}
Router R2
user@R2# show protocols isis
traceoptions {
file isis size 5m world-readable;
flag error;
}
topologies ipv4-multicast;
interface so-0/0/0 {
level 1 {
metric 13;
ipv4-multicast-metric 12;
}
level 2 {
metric 29;
ipv4-multicast-metric 23;
132
}
}
interface so-1/0/0 {
level 1 {
metric 14;
ipv4-multicast-metric 18;
}
level 2 {
metric 32;
ipv4-multicast-metric 26;
}
}
interface fxp0.0 {
disable;
}
Router R3
user@R3# show protocols isis
traceoptions {
file isis size 5m world-readable;
flag error;
}
topologies ipv4-multicast;
interface so-0/0/0 {
level 1 {
metric 19;
ipv4-multicast-metric 11;
}
level 2 {
metric 27;
ipv4-multicast-metric 21;
}
}
interface so-1/0/0 {
level 1 {
metric 16;
ipv4-multicast-metric 26;
}
level 2 {
metric 30;
ipv4-multicast-metric 20;
}
}
interface fxp0.0 {
disable;
}
Verification
Confirm that the configuration is working properly.
Verifying the Connection Between Routers R1, R2, and R3 on page 134
133
Make sure that Routers R1, R2, and R3 are connected to each other.
Ping the other two routers from any router, to check the connectivity between the three
routers as per the network topology.
user@R1> ping 10.0.3.9
PING 10.0.3.9 (10.0.3.9): 56 data bytes
64 bytes from 10.0.3.9: icmp_seq=0 ttl=64 time=1.299 ms
64 bytes from 10.0.3.9: icmp_seq=1 ttl=64 time=52.304 ms
64 bytes from 10.0.3.9: icmp_seq=2 ttl=64 time=1.271 ms
64 bytes from 10.0.3.9: icmp_seq=3 ttl=64 time=1.343 ms
64 bytes from 10.0.3.9: icmp_seq=4 ttl=64 time=1.434 ms
64 bytes from 10.0.3.9: icmp_seq=5 ttl=64 time=1.306 ms
^C
--- 10.0.3.9 ping statistics --6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.271/9.826/52.304/18.997 ms
user@R1> ping 10.0.3.10
PING 10.0.3.10 (10.0.3.10): 56 data bytes
64 bytes from 10.0.3.10: icmp_seq=0 ttl=64 time=1.431 ms
64 bytes from 10.0.3.10: icmp_seq=1 ttl=64 time=1.296 ms
64 bytes from 10.0.3.10: icmp_seq=2 ttl=64 time=1.887 ms
^C
--- 10.0.3.10 ping statistics --3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.296/1.538/1.887/0.253 ms
user@R2> ping 10.0.2.9
PING 10.0.2.9 (10.0.2.9): 56 data bytes
64 bytes from 10.0.2.9: icmp_seq=0 ttl=64 time=1.365 ms
64 bytes from 10.0.2.9: icmp_seq=1 ttl=64 time=1.813 ms
64 bytes from 10.0.2.9: icmp_seq=2 ttl=64 time=1.290 ms
^C
--- 10.0.2.9 ping statistics --3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.290/1.489/1.813/0.231 ms
user@R2> ping 10.0.2.10
PING 10.0.2.10 (10.0.2.10): 56 data bytes
64 bytes from 10.0.2.10: icmp_seq=0 ttl=63 time=1.318 ms
64 bytes from 10.0.2.10: icmp_seq=1 ttl=63 time=1.394 ms
64 bytes from 10.0.2.10: icmp_seq=2 ttl=63 time=1.366 ms
64 bytes from 10.0.2.10: icmp_seq=3 ttl=63 time=1.305 ms
^C
--- 10.0.2.10 ping statistics --4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.305/1.346/1.394/0.036 ms
user@R3> ping 10.0.1.10
PING 10.0.1.10 (10.0.1.10): 56 data bytes
64 bytes from 10.0.1.10: icmp_seq=0 ttl=63 time=1.316 ms
134
Meaning
Routers R1, R2, and R3 have a peer relationship with each other.
Make sure that the IS-IS instance is running on Routers R1, R2, and R3, and that they are
adjacent to each other.
Action
Use the show isis adjacency detail command to check the adjacency between the routers.
Router R1
user@R1> show isis adjacency detail
R2
Interface: so-0/0/0, Level: 1, State: Up, Expires in 8 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:23:59 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bd
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.0.1.10
R2
Interface: so-0/0/0, Level: 2, State: Up, Expires in 8 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:23:58 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bd
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.0.1.10
R3
Interface: so-1/0/0, Level: 1, State: Up, Expires in 7 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:24:20 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bd
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R3.02, IP addresses: 10.0.2.10
R3
Interface: so-1/0/0, Level: 2, State: Up, Expires in 6 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:24:20 ago
135
Router R2
user@R2> show isis adjacency detail
R1
Interface: so-0/0/0, Level: 1, State: Up, Expires in 20 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:27:50 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bc
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.0.1.9
R1
Interface: so-0/0/0, Level: 2, State: Up, Expires in 26 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:27:50 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bc
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R2.02, IP addresses: 10.0.1.9
R3
Interface: so-1/0/0, Level: 1, State: Up, Expires in 8 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:27:22 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bd
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R3.03, IP addresses: 10.0.3.10
R3
Interface: so-1/0/0, Level: 2, State: Up, Expires in 8 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:27:22 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bd
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R3.03, IP addresses: 10.0.3.10
Router R3
user@R3> show isis adjacency detail
R2
Interface: so-0/0/0, Level: 1, State: Up, Expires in 18 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:33:09 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bc
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R3.03, IP addresses: 10.0.3.9
R2
Interface: so-0/0/0, Level: 2, State: Up, Expires in 22 secs
Priority: 64, Up/Down transitions: 1, Last transition: 2d 19:33:09 ago
Circuit type: 3, Speaks: IP, MAC address: 0:1b:c0:86:54:bc
Topologies: IPV4-Multicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: R3.03, IP addresses: 10.0.3.9
R1
136
Meaning
IS-IS is configured on Routers R1, R2, and R3, and they are adjacent to each other.
Action
Make sure that the SPF calculations are accurate as per the configured multicast metric
values on Routers R1, R2, and R3.
Use the show isis spf results command to check the SPF calculations for the network.
Router R1
user@R1> show isis spf results
...
IPV4 Multicast IS-IS level 1 SPF results:
Node
Metric
Interface
NH
Via
R3.03 28
so-1/0/0
IPV4 R3
R2.00 18
so-0/0/0
IPV4 R2
R3.00 17
so-1/0/0
IPV4 R3
R1.00 0
4 nodes
IPV4 Multicast IS-IS level 2 SPF results:
Node
Metric
Interface
NH
Via
R3.03 40
so-0/0/0
IPV4 R2
R3.00 22
so-1/0/0
IPV4 R3
R2.00 14
so-0/0/0
IPV4 R2
R1.00 0
4 nodes
SNPA
0:1b:c0:86:54:bd
0:1b:c0:86:54:bd
0:1b:c0:86:54:bd
SNPA
0:1b:c0:86:54:bd
0:1b:c0:86:54:bd
0:1b:c0:86:54:bd
Router R2
user@R2> show isis spf results
...
IPV4 Multicast IS-IS level 1 SPF results:
Node
Metric
Interface
NH
Via
R3.02 29
so-0/0/0
IPV4 R1
R3.00 18
so-1/0/0
IPV4 R3
R1.00 12
so-0/0/0
IPV4 R1
R2.02 12
R2.00 0
5 nodes
IPV4 Multicast IS-IS level 2 SPF results:
Node
Metric
Interface
NH
Via
SNPA
0:1b:c0:86:54:bc
0:1b:c0:86:54:bd
0:1b:c0:86:54:bc
SNPA
137
R3.02 45
R3.00 26
R1.00 23
R2.02 23
R2.00 0
5 nodes
so-0/0/0
so-1/0/0
so-0/0/0
IPV4 R1
IPV4 R3
IPV4 R1
0:1b:c0:86:54:bc
0:1b:c0:86:54:bd
0:1b:c0:86:54:bc
Router R3
user@R3> show isis spf results
...
IPV4 Multicast IS-IS level 1 SPF results:
Node
Metric
Interface
NH
Via
R3.02 26
R1.00 23
so-0/0/0
IPV4 R2
R2.02 23
so-0/0/0
IPV4 R2
R2.00 11
so-0/0/0
IPV4 R2
R3.03 11
R3.00 0
6 nodes
IPV4 Multicast IS-IS level 2 SPF results:
Node
Metric
Interface
NH
Via
R2.02 34
so-1/0/0
IPV4 R1
R2.00 21
so-0/0/0
IPV4 R2
R3.03 21
R1.00 20
so-1/0/0
IPV4 R1
R3.02 20
R3.00 0
6 nodes
Meaning
SNPA
0:1b:c0:86:54:bc
0:1b:c0:86:54:bc
0:1b:c0:86:54:bc
SNPA
0:1b:c0:86:54:bc
0:1b:c0:86:54:bc
0:1b:c0:86:54:bc
The configured multicast metric values are used in SPF calculations for the IS-IS network.
Make sure that the multicast topology is configured on Routers R1, R2, and R3.
Use the show isis database detail command to verify the multicast topology configuration
on the routers.
Router R1
user@R1> show isis database detail
IS-IS level 1 link-state database:
R1.00-00 Sequence: 0x142, Checksum: 0xd07, Lifetime: 663 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
15
IPV4 Unicast IS neighbor: R3.02
Metric:
15
IPV4 Multicast IS neighbor: R2.02 Metric:
18
IPV4 Multicast IS neighbor: R3.02 Metric:
17
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
15 Internal Up
IP IPV4 Unicast prefix: 10.0.2.8/30 Metric:
15 Internal Up
R2.00-00 Sequence: 0x13f, Checksum: 0xf02b, Lifetime: 883 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
13
IPV4 Unicast IS neighbor: R3.03
Metric:
14
IPV4 Multicast IS neighbor: R2.02 Metric:
12
IPV4 Multicast IS neighbor: R3.03 Metric:
18
138
Metric:
Metric:
13 Internal Up
14 Internal Up
139
Metric:
Metric:
0
0
Router R2
user@R2> show isis database detail
IS-IS level 1 link-state database:
R1.00-00 Sequence: 0x142, Checksum: 0xd07, Lifetime: 524 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
15
IPV4 Unicast IS neighbor: R3.02
Metric:
15
IPV4 Multicast IS neighbor: R2.02
Metric:
18
IPV4 Multicast IS neighbor: R3.02
Metric:
17
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
15 Internal Up
IP IPV4 Unicast prefix: 10.0.2.8/30 Metric:
15 Internal Up
R2.00-00 Sequence: 0x13f, Checksum: 0xf02b, Lifetime: 748 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
13
IPV4 Unicast IS neighbor: R3.03
Metric:
14
IPV4 Multicast IS neighbor: R2.02
Metric:
12
IPV4 Multicast IS neighbor: R3.03
Metric:
18
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
13 Internal Up
IP IPV4 Unicast prefix: 10.0.3.8/30 Metric:
14 Internal Up
R2.02-00 Sequence: 0x13c, Checksum: 0x57e2, Lifetime: 777 secs
IPV4 Unicast IS neighbor: R1.00
Metric:
0
IPV4 Unicast IS neighbor: R2.00
Metric:
0
R3.00-00 Sequence: 0x13d, Checksum: 0xc6df, Lifetime: 1102 secs
IPV4 Unicast IS neighbor: R3.02
Metric:
16
IPV4 Unicast IS neighbor: R3.03
Metric:
19
IPV4 Multicast IS neighbor: R3.02
Metric:
26
IPV4 Multicast IS neighbor: R3.03
Metric:
11
IP IPV4 Unicast prefix: 10.0.2.8/30 Metric:
16 Internal Up
IP IPV4 Unicast prefix: 10.0.3.8/30 Metric:
19 Internal Up
R3.02-00 Sequence: 0x139, Checksum: 0xfb0e, Lifetime: 488 secs
IPV4 Unicast IS neighbor: R1.00
Metric:
0
IPV4 Unicast IS neighbor: R3.00
Metric:
0
R3.03-00 Sequence: 0x138, Checksum: 0xad56, Lifetime: 577 secs
IPV4 Unicast IS neighbor: R2.00
Metric:
0
IPV4 Unicast IS neighbor: R3.00
Metric:
0
IS-IS level 2 link-state database:
R1.00-00 Sequence: 0x142, Checksum: 0x2c7c, Lifetime: 676 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
20
IPV4 Unicast IS neighbor: R3.02
Metric:
31
IPV4 Multicast IS neighbor: R2.02
Metric:
14
IPV4 Multicast IS neighbor: R3.02
Metric:
22
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
20 Internal Up
IP IPV4 Unicast prefix: 10.0.2.8/30 Metric:
31 Internal Up
IP IPV4 Unicast prefix: 10.0.3.8/30 Metric:
29 Internal Up
R2.00-00 Sequence: 0x13f, Checksum: 0x4826, Lifetime: 831 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
29
IPV4 Unicast IS neighbor: R3.03
Metric:
32
IPV4 Multicast IS neighbor: R2.02
Metric:
23
IPV4 Multicast IS neighbor: R3.03
Metric:
26
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
29 Internal Up
140
Metric:
Metric:
28 Internal Up
32 Internal Up
Router R3
user@R3> show isis database detail
IS-IS level 1 link-state database:
R1.00-00 Sequence: 0x143, Checksum: 0xb08, Lifetime: 1155 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
15
IPV4 Unicast IS neighbor: R3.02
Metric:
15
IPV4 Multicast IS neighbor: R2.02
Metric:
18
IPV4 Multicast IS neighbor: R3.02
Metric:
17
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
15 Internal Up
IP IPV4 Unicast prefix: 10.0.2.8/30 Metric:
15 Internal Up
R2.00-00 Sequence: 0x13f, Checksum: 0xf02b, Lifetime: 687 secs
IPV4 Unicast IS neighbor: R2.02
Metric:
13
IPV4 Unicast IS neighbor: R3.03
Metric:
14
IPV4 Multicast IS neighbor: R2.02
Metric:
12
IPV4 Multicast IS neighbor: R3.03
Metric:
18
IP IPV4 Unicast prefix: 10.0.1.8/30 Metric:
13 Internal Up
IP IPV4 Unicast prefix: 10.0.3.8/30 Metric:
14 Internal Up
R2.02-00 Sequence: 0x13c, Checksum: 0x57e2, Lifetime: 716 secs
IPV4 Unicast IS neighbor: R1.00
Metric:
0
IPV4 Unicast IS neighbor: R2.00
Metric:
0
R3.00-00 Sequence: 0x13d, Checksum: 0xc6df, Lifetime: 1044 secs
IPV4 Unicast IS neighbor: R3.02
Metric:
16
IPV4 Unicast IS neighbor: R3.03
Metric:
19
IPV4 Multicast IS neighbor: R3.02
Metric:
26
IPV4 Multicast IS neighbor: R3.03
Metric:
11
IP IPV4 Unicast prefix: 10.0.2.8/30 Metric:
16 Internal Up
IP IPV4 Unicast prefix: 10.0.3.8/30 Metric:
19 Internal Up
R3.02-00 Sequence: 0x139, Checksum: 0xfb0e, Lifetime: 430 secs
IPV4 Unicast IS neighbor: R1.00
Metric:
0
IPV4 Unicast IS neighbor: R3.00
Metric:
0
141
Meaning
Related
Documentation
142
own networks, and yet they must continue to serve both IPv4 customers and new
customers, all of whom are primarily trying to reach IPv4 destinations.
IPv4 and IPv6 must coexist for some number of years, and their coexistence must be
transparent to end users. If an IPv4-to-IPv6 transition is successful, end users should not
even notice it.
A dual-stack device is a device with network interfaces that can originate and understand
both IPv4 and IPv6 packets.
Other strategies, such as manually or dynamically configured tunnels and translation
devices exist, but dual stacking is often the preferable solution in many scenarios. The
dual-stacked device can interoperate equally with IPv4 devices, IPv6 devices, and other
dual-stacked devices. When both devices are dual stacked, the two devices agree on
which IP version to use.
The transition is driven by DNS. If a dual-stacked device queries the name of a destination
and DNS gives it an IPv4 address (a DNS A Record), it sends IPv4 packets. If DNS responds
with an IPv6 address (a DNS AAAA Record), it sends IPv6 packets.
Keep in mind that if you are going to dual stack all of your network devices, the interfaces
need both an IPv6 and an IPv4 address. This raises the issue that the Internet has run
out of IPv4 addresses, which is the main reason IPv6 is needed in the first place. If you
do not have an abundant supply of IPv4 addresses to apply to your devices, you can still
use dual stacking, but you will need to conserve your supply of IPv4 addresses by using
network address translation (NAT). Building dual-stacked networks with a mix of global
IPv6 addresses and NAT-ed IPv4 addresses is quite feasible. Some specific solutions
include carrier-grade NAT (CGN), NAT44(4), NAT64, NAT464, and dual-stack lite.
Table 6 on page 143 describes at a high level how to pick a network addressing technique.
In reality, a complete solution might include a set of techniques to satisfy multiple service
needs. It is important to understand the backbone technology being used on the network
and also to know if the provider has control over the access customer premises equipment
(CPE).
Access Network
IPv4
IPv4
IPv4 Internet
NAT44(4)
IPv4/IPv6
IPv6
IPv4 Internet
IPv4/IPv6
IPv4
IPv6 Internet
6rd (6to4)
IPv4
IPv6
IPv4 Internet
NAT64
Destinations
Solution
Related
Documentation
Understanding IPv6
143
Example: Configuring IS-IS Dual Stacking of IPv4 and IPv6 Unicast Addresses on
page 144
Example: Configuring IS-IS Dual Stacking of IPv4 and IPv6 Unicast Addresses
This example shows how to configure IPv4 and IPv6 dual stacking in IS-IS.
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
Video: IS-IS Dual Stacking
You can use IPv4 and IPv6 dual stacking to begin your migration from IPv4 to IPv6 by
implementing IPv6 alongside IPv4 in your existing networks. This allows you to implement
IPv6 so that you can provide the same services over IPv6for example, video, voice,
high-quality datathat you currently provide in your IPv4 networks. You can then perform
incremental upgrades to IPv6 and avoid service disruptions while migrating from IPv4 to
IPv6.
Unlike RIP and OSPF, IS-IS does not require a distinct protocol or a new version to support
IPv6. Because IS-IS uses ISO addresses, the configuration for IPv6 and IPv4 is identical
in the Junos OS implementation of IS-IS. For IS-IS to carry IPv6 routes, you only need to
add IPv6 addresses to IS-IS enabled interfaces or include other IPv6 routes in your IS-IS
export policy.
The only explicit configuration needed in IS-IS with regard to IPv6 is if you want to disable
it. Alternatively, you can disable IPv4 routing and use IS-IS with IPv6 only. An example
of each is provided here:
Disable IPv6 routing in IS-IS:
[edit protocols isis]
user@host# set no-ipv6-routing
144
fe-1/2/0
R1
fe-1/2/1
.1
10.0.0.0/30
.17
2001:db8:0:1::/64
10.0.0.16/30
fe-1/2/0
fe-1/2/0
2001:db8:0:5::/64
.18
R3
g041305
R2
.2
CLI Quick Configuration on page 145 shows the configuration for all of the devices in
Figure 14 on page 145. The section Step-by-Step Procedure on page 146 describes the
steps on Device R1.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Device R2
Device R3
145
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the Junos OS CLI User Guide.
To configure IS-IS dual stacking:
1.
Configure the interfaces, including both IPv4 and IPv6 addresses on each interface.
Optionally, include the eui-64 statement to automatically generate the host number
portion of interface addresses.
[edit interfaces]
user@R1# set fe-1/2/0 unit 0 family inet address 10.0.0.1/30
user@R1# set fe-1/2/0 unit 0 family iso
user@R1# set fe-1/2/0 unit 0 family inet6 address 2001:db8:0:5::/64 eui-64
user@R1# set fe-1/2/1 unit 0 family inet address 10.0.0.17/30
user@R1# set fe-1/2/1 unit 0 family iso
user@R1# set fe-1/2/1 unit 0 family inet6 address 2001:db8:0:1::/64 eui-64
user@R1# set lo0 unit 0 family inet address 192.168.0.1/32
user@R1# set lo0 unit 0 family iso address 49.0002.0192.0168.0001.00
user@R1# set lo0 unit 0 family inet6 address 2001:db8::1/128
2.
Results
From configuration mode, confirm your configuration by entering the show interfaces and
show protocols commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show interfaces
fe-1/2/0 {
unit 0 {
family inet {
address 10.0.0.1/30;
}
family iso;
family inet6 {
address 2001:db8:0:5::/64 {
eui-64;
}
}
}
}
fe-1/2/1 {
unit 0 {
family inet {
address 10.0.0.17/30;
}
family iso;
146
family inet6 {
address 2001:db8:0:1::/64 {
eui-64;
}
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
}
family inet6 {
address 2001:db8::1/128;
}
}
}
user@R1# show protocols
isis {
interface fe-1/2/0.0;
interface fe-1/2/1.0;
interface lo0.0;
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Action
From operational mode, enter the show isis adjacency detail command.
user@R1> show isis adjacency detail
R2
Interface: fe-1/2/0.0, Level: 3, State: Up, Expires in 24 secs
Priority: 0, Up/Down transitions: 1, Last transition: 18:34:08 ago
Circuit type: 3, Speaks: IP, IPv6
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
IP addresses: 10.0.0.2
IPv6 addresses: fe80::2a0:a514:0:24c
R3
147
Meaning
As expected, the output shows that the two neighbors support both IPv4 and IPv6. The
IPv4 address and the IPv6 link-local address are also shown.
Make sure that you can ping the remote IPv6 interfaces.
From operational mode, enter the ping command to ping from Device R2 to Device R3.
1.
up
up
inet
iso
inet6
Local
Remote
10.0.0.18/30
2001:db8:0:1:2a0:a514:0:124c/64
fe80::2a0:a514:0:124c/64
192.168.0.3
--> 0/0
49.0002.0192.0168.0003
2001:db8::3
fe80::2a0:a50f:fc56:14c
Meaning
148
This test confirms that IS-IS has learned the IPv6 routes.
Action
Verify that the expected routes are in the IPv6 routing table.
*[Direct/0] 18:52:52
>
via lo0.0
2001:db8::2/128
*[IS-IS/15] 01:59:52, metric 10
> to fe80::2a0:a514:0:24c via fe-1/2/0.0
2001:db8::3/128
*[IS-IS/15] 01:59:52, metric 10
> to fe80::2a0:a514:0:124c via fe-1/2/1.0
2001:db8:0:1::/64 *[Direct/0] 18:52:15
>
via fe-1/2/1.0
2001:db8:0:1:2a0:a514:0:114c/128
*[Local/0] 18:52:48
Local via fe-1/2/1.0
2001:db8:0:5::/64 *[Direct/0] 18:52:49
>
via fe-1/2/0.0
2001:db8:0:5:2a0:a514:0:14c/128
*[Local/0] 18:52:49
Local via fe-1/2/0.0
fe80::/64
*[Direct/0] 18:52:49
>
via fe-1/2/0.0
[Direct/0] 18:52:15
>
via fe-1/2/1.0
fe80::2a0:a50f:fc56:14c/128
*[Direct/0] 18:52:52
>
via lo0.0
fe80::2a0:a514:0:14c/128
*[Local/0] 18:52:49
Local via fe-1/2/0.0
fe80::2a0:a514:0:114c/128
*[Local/0] 18:52:48
Local via fe-1/2/1.0
Meaning
Related
Documentation
The output shows the IPv6 interface routes (direct and local) and the IPv6 routes learned
through IS-IS.
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
149
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
This example focuses on IPv4 and IPv6 unicast topologies. The IS-IS interface metrics
for the IPv4 topology can be configured independently of the IPv6 metrics. You can also
150
selectively disable interfaces from participating in the IPv6 topology while continuing to
participate in the IPv4 topology. This enables you to exercise control over the paths that
unicast data takes through a network.
To enable an IPv6 unicast topology for IS-IS, include the ipv6-unicast statement:
isis {
topologies {
ipv6-unicast;
}
}
To configure a metric for the IPv6 unicast topology, include the ipv6-unicast-metric
statement:
isis {
interface interface-name {
level level-number {
ipv6-unicast-metric number;
}
}
}
To exclude an interface from the IPv6 unicast topologies for IS-IS, include the
no-ipv6-unicast statement:
isis {
interface interface-name {
no-ipv6-unicast;
}
}
Figure 15 on page 152 shows the topology used in this example. The black lines indicate
link membership in the IPv6 topology. The gray lines indicate membership to the IPv4
topology. Using regular TLVs, it would not be possible to build multiple topologies and
run an SPF calculation based on them. The multitopology extensions describe an
extension to carry the set of supported protocols in the hello packet. After activating
multitopology routing support on a link, the link carries all the topologies that the
underlying circuit is able to relay.
151
so-1/2/0
R1
so-1/2/2
.1
.13 .17
10.0.0.0/30
2001:db8:0:1::/64
10.0.0.16/30
so-1/2/0
.2
so-1/2/0
2001:db8:0:5::/64
.18
R2
.9 so-1/2/1
10.0.0.12/30
so-1/2/1 .25
10.0.0.8/30 2001:db8:0:4::/64
so-1/2/1
10.0.0.24/30
.10
.21
R4
so-1/2/0
R3
10.0.0.20/30
so-1/2/2
.5
2001:db8:0:2::/64
10.0.0.4.30
2001:db8:0:3::/64
.6
so-1/2/0
so-1/2/1
IPv6
IPv4
g041296
R6
CLI Quick Configuration on page 152 shows the configuration for all of the devices in
Figure 15 on page 152. The section Step-by-Step Procedure on page 154 describes the
steps on Device R1.
Configuration
CLI Quick
Configuration
Device R1
152
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set interfaces so-1/2/0 unit 0 family inet address 10.0.0.1/30
set interfaces so-1/2/0 unit 0 family iso
set interfaces so-1/2/0 unit 0 family inet6 address 2001:db8:0:5::/64 eui-64
set interfaces so-1/2/1 unit 0 family inet address 10.0.0.13/30
set interfaces so-1/2/1 unit 0 family iso
set interfaces so-1/2/2 unit 0 family inet address 10.0.0.17/30
set interfaces so-1/2/2 unit 0 family iso
set interfaces so-1/2/2 unit 0 family inet6 address 2001:db8:0:1::/64 eui-64
set interfaces lo0 unit 0 family inet address 192.168.0.1/32
set interfaces lo0 unit 0 family iso address 49.0002.0192.0168.0001.00
set interfaces lo0 unit 0 family inet6 address 2001:db8::1/128
set protocols isis topologies ipv6-unicast
set protocols isis interface so-1/2/0.0
set protocols isis interface so-1/2/1.0 no-ipv6-unicast
set protocols isis interface so-1/2/2.0
set protocols isis interface lo0.0
Device R2
Device R3
Device R4
Device R5
153
Device R6
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure an alternate IPv6 unicast topology:
1.
2.
3.
154
4.
Results
From configuration mode, confirm your configuration by entering the show interfaces and
show protocols commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show interfaces
so-1/2/0 {
unit 0 {
family inet {
address 10.0.0.1/30;
}
family iso;
family inet6 {
address 2001:db8:0:5::/64 {
eui-64;
}
}
}
}
so-1/2/1 {
unit 0 {
family inet {
address 10.0.0.13/30;
}
family iso;
}
}
so-1/2/2 {
unit 0 {
family inet {
address 10.0.0.17/30;
}
family iso;
family inet6 {
address 2001:db8:0:1::/64 {
eui-64;
}
}
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
155
}
family inet6 {
address 2001:db8::1/128;
}
}
}
user@R1# show protocols
isis {
topologies ipv6-unicast;
interface so-1/2/0.0;
interface so-1/2/1.0 {
no-ipv6-unicast;
}
interface so-1/2/2.0;
interface lo0.0;
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Action
From operational mode, enter the show isis adjacency detail command.
user@R1> show isis adjacency detail
R2
Interface: so-1/2/0.0, Level: 3, State: Up, Expires in 24 secs
Priority: 0, Up/Down transitions: 1, Last transition: 05:28:16 ago
Circuit type: 3, Speaks: IP, IPv6
Topologies: Unicast, IPV6-Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
IP addresses: 10.0.0.2
IPv6 addresses: fe80::2a0:a514:0:24c
R5
Interface: so-1/2/1.0, Level: 3, State: Up, Expires in 21 secs
Priority: 0, Up/Down transitions: 1, Last transition: 05:27:47 ago
Circuit type: 3, Speaks: IP, IPv6
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
IP addresses: 10.0.0.14
R3
Interface: so-1/2/2.0, Level: 3, State: Up, Expires in 22 secs
Priority: 0, Up/Down transitions: 1, Last transition: 05:27:25 ago
Circuit type: 3, Speaks: IP, IPv6
156
Meaning
As expected, the adjacency with Device R5 only supports the IPv4 unicast topology, while
the adjacencies with Device R2 and Device R3 support both the IPv4 and IPv6 topologies.
Verify that separate SPF calculations are being run for IPv4 and IPv6.
From operational mode, enter the show isis spf brief command.
user@R1> show isis spf brief
IPV4 Unicast IS-IS level 1 SPF results:
Node
Metric
Interface
NH
R6.00
20
so-1/2/1.0
IPV4 R5
R4.00
20
so-1/2/0.0
IPV4 R2
R5.00
10
so-1/2/1.0
IPV4 R5
R3.00
10
so-1/2/2.0
IPV4 R3
R2.00
10
so-1/2/0.0
IPV4 R2
R1.00
0
6 nodes
Meaning
IPV4 Unicast
Node
R6.00
R4.00
R5.00
R3.00
R2.00
R1.00
6 nodes
IPV6 Unicast
Node
R5.00
R6.00
R4.00
R3.00
R2.00
R1.00
6 nodes
IPV6 Unicast
Node
R5.00
R6.00
R4.00
R3.00
R2.00
R1.00
6 nodes
Via
SNPA
Via
SNPA
Via
SNPA
Via
SNPA
As expected, SPF calculations are being performed for IPv4 and IPv6 topologies.
157
Action
Verify that the link can be a member of both the IPv4 unicast topology and the IPv6
unicast topology.
Meaning
Related
Documentation
158
The IS-IS hello (IIH) packet shows that IPv4 and IPv6 are supported. The hello packet
lists valid IPv4 and IPv6 addresses, and therefore the routing device can create valid
next-hop entries. The supported protocols are listed in the multitopology TLV #229.
Example: Configuring IS-IS Dual Stacking of IPv4 and IPv6 Unicast Addresses on
page 144
CHAPTER 7
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
Understanding Remote LFA over LDP Tunnels in IS-IS Networks on page 174
Configuring Remote LFA Backup over LDP Tunnels in an IS-IS Network on page 175
Example: Configuring Remote LFA over LDP Tunnels in IS-IS Networks on page 177
159
The level of backup coverage available through IS-IS routes depends on the actual
network topology and is typically less than 100 percent for all destinations on any given
routing device. You can extend backup coverage to include RSVP LSPs.
Junos OS provides two mechanisms for route redundancy for IS-IS through alternate
loop-free routes: link protection and node-link protection. When you enable link protection
or node-link protection on an IS-IS interface, Junos OS creates a single alternate path to
the primary next hop for all destination routes that traverse a protected interface. Link
protection offers per-link traffic protection. Use link protection when you assume that
only a single link might become unavailable but that the neighboring node on the primary
path would still be available through another interface.
Node-link protection establishes an alternate path through a different routing device
altogether. Use node-link protection when you assume that access to a node is lost when
a link is no longer available. As a result, Junos OS calculates a backup path that avoids
the primary next-hop routing device. In Junos OS Release 9.4 and earlier, only the RSVP
protocol supports Packet Forwarding Engine local repair and fast reroute as well as link
protection and node protection.
In Figure 16 on page 161, Case 2 shows how link protection allows source Router A to
switch to Link B when the primary next hop Link A to destination Router C fails. However,
if Router B fails, Link B also fails, and the protected Link A is lost. If node-link protection
is enabled, Router A is able to switch to Link D on Router D and bypass the failed Router
B altogether. As shown in Case 1, with node-link protection enabled, Router A has a
node-link protection alternate path available through Router D to destination Router C.
That means that if Router B fails, Router A can still reach Router C because the path from
Router A to Link D remains available as an alternate backup path.
160
Figure 16: Link Protection and Node-Link Protection Comparison for IS-IS
Routes
The Junos OS implementation of support for loop-free alternate paths for IS-IS routes
is based on the following standards:
To enable link protection, include the link-protection statement at the [edit protocols isis
interface interface-name] hierarchy level:
[edit]
protocols {
isis {
interface interface-name {
161
link-protection;
}
}
}
162
configuring RSVP LSPs as backup paths. To configure a specific RSVP LSP as a backup
path, include the backup statement at the [edit protocols mpls label-switched-path
lsp-name] hierarchy level:
[edit]
protocols {
mpls {
label-switched-path lsp-name {
backup;
to ip-address;
}
}
}
When configuring an LSP, you must specify the IP address of the egress routing device
with the to statement. For detailed information about configuring LSPs and RSVP, see
the Junos OS MPLS Applications Library for Routing Devices.
show isis backup label-switched-pathDisplays which MPLS LSPs have been designated
show isis backup spf resultsDisplays SPF calculations for each neighbor for a given
show isis backup coverageDisplays the percentage of nodes and prefixes for each
show isis interface detailDisplays the type of protection (link or node-link) applied
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
163
Requirements
This example requires Junos OS Release 9.5 or later.
No special configuration beyond device initialization is required before configuring this
example.
Overview
In this example, core-facing interfaces are enabled for IS-IS Level 2, LDP, and RSVP.
Node-link protection is enabled on all the core-facing interfaces, which means that if the
primary next hop for any destination that traverses the interfaces becomes unavailable,
Junos OS uses a backup link that avoids the next-hop router altogether if necessary.
You also need to configure a routing policy that requires all traffic to use per-packet load
balancing in order to enable Packet Forwarding Engine local repair. With local repair, the
Packet Forwarding Engine can correct a path failure and implement a backup loop-free
alternate route before it receives recomputed paths from the Routing Engine.
Figure 17 on page 164 shows the topology used in this example.
CE1
.1
10.0.0.0/30
.2
PE1
10.0.0.4/30
.5
.6
.21
P1
10.0.0.8/30
.9
.10
.25
P2
10.0.0.12/30
.13
.14
PE2
.29 .17
lo0,0 Addresses
10.255.1.1
10.255.2.2
10.255.3.3
10.255.4.4
10.255.7.7
10.255.5.5
10.255.6.6
10.0.0.24/30
10.0.0.16/30
.18
.26
10.0.0.20/30
.22
P3
.30
10.0.0.28/30
CE2
g041275
CE1
PE1
P1
P2
P3
PE2
CE2
On Device PE1, an RSVP LSP is configured as a backup path for IS-IS. Relying on the
shortest-path-first (SPF) calculation of backup paths for one-hop neighbors might result
in less than 100 percent backup coverage for a specific network topology. You can enhance
coverage of IS-IS and LDP LSPs by configuring RSVP LSPs as backup paths. To configure
a specific RSVP LSP as a backup path, include the backup statement at the [edit protocols
mpls label-switched-path lsp-name] hierarchy level.
CLI Quick Configuration on page 164 shows the configuration for all of the devices in
Figure 17 on page 164. The section Step-by-Step Procedure on page 168 describes the
steps on Device P1.
Configuration
CLI Quick
Configuration
164
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device CE1
Device PE1
Device P1
165
166
Device P2
Device P3
Device PE2
167
Device CE2
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure multi-level IS-IS:
1.
2.
3.
Enable IS-IS node-link protection, which also automatically extends backup coverage
to all LDP LSPs.
[edit protocols]
user@P1# set isis interface all node-link-protection
4.
5.
Configure MPLS to use both RSVP and LDP label-switched paths (LSPs).
[edit protocols]
user@P1# set mpls interface all
user@P1# set mpls interface fxp0.0 disable
user@P1# set rsvp interface all
168
7.
To enable Packet Forwarding Engine local repair, establish a policy that forces the
routing protocol process to install all the next hops for a given route.
This policy ensures that the backup route is installed in the forwarding table used
by the Packet Forwarding Engine to forward traffic to a given destination.
[edit policy-options policy-statement ecmp term 1]
user@P1# set then load-balance per-packet
8.
Apply the policy to the forwarding table of the local router with the export statement.
[edit routing-options forwarding-table]
user@P1# set export ecmp
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, show policy-options, and show routing-options commands. If the output
does not display the intended configuration, repeat the instructions in this example to
correct the configuration.
user@P1# show interfaces
fe-1/2/0 {
unit 0 {
family inet {
address 10.0.0.6/30;
}
family iso;
family mpls;
}
}
fe-1/2/1 {
unit 0 {
family inet {
address 10.0.0.9/30;
}
family iso;
family mpls;
}
}
fe-1/2/2 {
unit 0 {
family inet {
address 10.0.0.25/30;
}
family iso;
family mpls;
}
}
169
lo0 {
unit 0 {
family inet {
address 10.255.3.3/32;
}
family iso {
address 49.0001.0010.0000.0303.00;
}
}
}
user@P1# show protocols
rsvp {
interface all;
interface fxp0.0 {
disable;
}
}
mpls {
interface all;
interface fxp0.0 {
disable;
}
}
isis {
spf-options delay 1000;
interface all {
node-link-protection;
level 2 metric 10;
level 1 disable;
}
interface fxp0.0 {
disable;
}
interface lo0.0 {
level 2 metric 0;
}
}
ldp {
deaggregate;
interface all;
interface fxp0.0 {
disable;
}
}
user@P1# show policy-options
policy-statement ecmp {
term 1 {
then {
load-balance per-packet;
}
}
}
user@P1# show routing-options
forwarding-table {
170
export ecmp;
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Checking Which Next-Hop Neighbors Are Designated as Backup Paths to the Destination
Node on page 171
Action
Meaning
171
Meaning
The output indicates whether a specific interface or node has been designated as a
backup path and why.
172
IPv6
0.00%
0.00%
CLNS
0.00%
0.00%
IPv6
0.00%
0.00%
CLNS
0.00%
0.00%
IPv6
0.00%
0.00%
CLNS
0.00%
0.00%
Meaning
IPv6
0.00%
0.00%
CLNS
0.00%
0.00%
IPv6
0.00%
0.00%
CLNS
0.00%
0.00%
The level of backup coverage available through IS-IS routes depends on the actual
network topology and is typically less than 100 percent for all destinations on any given
routing device. You can extend backup coverage to include RSVP LSPs.
Action
On all nodes in the IS-IS domain, check the type and percentage of protected nodes and
prefixes.
From operational mode, enter the show isis interface detail command.
user@PE1> show isis interface detail
IS-IS interface database:
lo0.0
Index: 76, State: 0x6, Circuit id: 0x1, Circuit type: 0
LSP interval: 100 ms, CSNP interval: disabled
Adjacency advertisement: Advertise
Level Adjacencies Priority Metric Hello (s) Hold (s) Designated
1
0
64
0 Passive
2
0
64
0 Passive
fe-1/2/2.0
Index: 79, State: 0x6, Circuit id: 0x1, Circuit type: 2
LSP interval: 100 ms, CSNP interval: 10 s
Adjacency advertisement: Advertise
Protection Type: Node Link
Level Adjacencies Priority Metric Hello (s) Hold (s) Designated
2
1
64
10
9.000
27 P3.03 (not
fe-1/2/1.0
Index: 77, State: 0x6, Circuit id: 0x1, Circuit type: 2
LSP interval: 100 ms, CSNP interval: 10 s
Adjacency advertisement: Advertise
Protection Type: Node Link
Level Adjacencies Priority Metric Hello (s) Hold (s) Designated
2
1
64
10
9.000
27 P1.02 (not
Meaning
Related
Documentation
Router
Router
us)
Router
us)
173
Calculates the reverse shortest path first from the adjacent router across the protected
link of a PLR. The reverse shortest path first uses the incoming link metric instead of
the outgoing link metric to reach a neighboring node.
The result is a set of links and nodes, which is the shortest path from each leaf node
to the root node.
2. Calculates the shortest path first (SPF) on the remaining adjacent routers to find the
list of nodes that can be reached without traversing the link being protected.
The result is another set of links and nodes on the shortest path from the root node
to all leaf nodes.
3. Determines the common nodes from the above results, These nodes are the remote
LFAs.
IS-IS listens to the advertised labels for the LDP routes. For each advertised LDP route,
IS-IS checks if it contains an LDP supplied next hop. If the corresponding IS-IS route does
have a backup next hop, then IS-IS runs the backup policy and adds an additional tracking
route with the corresponding LDP label-switched path next hop as the backup next hop.
If there are no backup next hops, LDP builds a dynamic LDP tunnel to the remote LFA,
and LDP establishes a targeted adjacency between the remote LFA node and the PLR
node. This backup route has two LDP labels. The top label is the IS-IS route, which denotes
the backup path from the PLR to the remote LFA route. The bottom label is the LDP
MPLS label-switched path that denotes the route for reaching the ultimate destination
from the remote LFA. When an LDP session goes down and a remote tunnel is no longer
available, IS-IS changes all the routes that have been using this backup LDP tunnel.
174
NOTE: Currently, Junos OS supports only IPv4 transport LSPs. If you need to
reuse IPv4 transport LSPs for IPv6 IGP networks, add an IPv6 explicit NULL
label to the label stack of the tracking route. The system automatically
converts the IPv4 LSP to an IPv6 LSP.
LDP might be vulnerable by an automatically targeted adjacency, and these threats can
be mitigated using all or some of the following mechanisms:
Related
Documentation
Remote LFAs that are several hops away use extended hello messages to indicate
willingness to establish a targeted LDP session. A remote LFA can reduce the threat
of spoofed extended hellos by filtering them and accepting only those originating at
sources permitted by an access or filter list.
There is a need to TCP-MD5 authenticate all auto-targeted LDP sessions in the given
IGP/LDP domain using apply-groups or LDP global-level authentication.
As an added security measure, the repair or remote tunnel endpoint routers should be
assigned from a set of addresses that are not reachable from outside of the routing
domain.
auto-targeted-session
Configuring Remote LFA Backup over LDP Tunnels in an IS-IS Network on page 175
Example: Configuring Remote LFA over LDP Tunnels in IS-IS Networks on page 177
2. Make sure that remote LFA allows asymmetric remote neighbor discovery, that is, it
must send periodic targeted hellos to the router that initiated the remote neighbor
for LDP auto-targeted adjacency.
175
Enable remote LFA backup to determine the backup next hop using dynamic LDP
label-switched path.
[edit protocols isis backup-spf-options]
user@host# set remote-backup-calculation
usage.
[edit protocols ldp auto-targeted-session]
user@host# set maximum-sessions number of sessions
Related
Documentation
176
auto-targeted-session
Requirements
This example uses the following hardware and software components:
Six MX Series routers with IS-IS protocol and LDP enabled on the connected interfaces.
Before you configure remote LFA over LDP tunnels in IS-IS networks, make sure of the
following:
LDP is enabled on the loopback interface. Without a loopback interface, LDP targeted
adjacency cannot be formed. Remote LFA cannot be configured without LDP targeted
adjacency.
Remote LFA must allow asymmetric remote neighbor discovery, that is, it must send
periodic targeted hellos to the router that initiated the remote neighbor for LDP auto
targeted adjacency.
Link protection or node-link protection must be configured on the point of local repair
(PLR).
Overview
The example includes six routers in a ring topology. Configure the IS-IS protocol on the
directly connected interfaces. Device R1 is the PLR. This example verifies that Junos OS
updates the routing table of Device R1 with LDP next-hop routes as the backup route.
Topology
Figure 18 on page 178 shows the topology used in this example.
177
Figure 18: Configuring Remote LFA over LDP Tunnels in IS-IS Networks
Configuration
CLI Quick
Configuration
Router R1
178
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, copy and paste the commands into the CLI at the [edit] hierarchy level,
and then enter commit from configuration mode.
set interfaces ge-1/0/0 unit 1 description R1->R2
set interfaces ge-1/0/0 unit 1 family inet address 1.1.1.1/24
set interfaces ge-1/0/0 unit 1 family iso
set interfaces ge-1/0/0 unit 1 family mpls
set interfaces ge-1/5/0 unit 12 description R1->R6
set interfaces ge-1/5/0 unit 12 family inet address 1.1.6.12/24
set interfaces ge-1/5/0 unit 12 family iso
set interfaces ge-1/5/0 unit 12 family mpls
set interfaces lo0 unit 10 family inet address 10.255.102.128/32
set interfaces lo0 unit 10 family iso address 49.0001.1720.1600.1010.00
set protocols isis interface ge-1/0/0.1
set protocols isis interface ge-1/5/0.12 link-protection
set protocols isis interface lo0.12 passive
set protocols isis interface all level 2 metric 10
set protocols isis interface fxp0.0 disable
Router R2
Router R3
179
180
Router R4
Router R5
Router R6
Configuring Device R1
Step-by-Step
Procedure
The following example requires that you navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
NOTE: Repeat this procedure except Step 4 and 5 for every Juniper Networks
router in the IGP domain, modifying the appropriate interface names,
addresses, and any other parameters.
181
3.
Configure the IS-IS interface for level 2 and the metric value on all the interfaces,
and enable link protection on the protected interface.
[edit protocols isis]
user@R1# set interface all level 2 metric 10
user@R1# set interface lo0.12 passive
user@R1# set interface fxp0.0 disable
user@R1# set interface ge-1/0/0.1
user@R1# set interface ge-1/5/0.12 link-protection
4.
Enable IS-IS node-link protection, which also automatically extends backup coverage
to all LDP label-switched paths.
[edit protocols isis]
user@R1# set spf-options delay 1000
user@R1# set interface all node-link-protection
5.
Enable remote LFA backup which calculates the backup next hop using dynamic
LDP label-switched path.
(Optional) When you include the node link degradation statement even if node
protection LFA is not configured for a given destination, the device uses the
configured link protection LFA as the backup for the primary link.
[edit protocols isis]
user@R1# set backup-spf-options remote-backup-calculation
user@R1# set backup-spf-options node-link-degradation
6.
Configure MPLS to use LDP label-switched paths for all interfaces on the device.
[edit protocols]
user@R1# set mpls interface all
user@R1# set mpls interface fxp0.0 disable
user@R1# set ldp interface all
user@R1# set ldp interface fxp0.0 disable
7.
Specify a time interval for which the targeted LDP sessions are kept up when the
remote LFA goes down, and specify a maximum number of automatically, targeted
LDP sessions to optimize the use of memory.
[edit protocols ldp]
user@R1# set auto-targeted-session
user@R1# set auto-targeted-session teardown-delay 60
user@R1# set auto-targeted-session maximum-sessions 20
8.
182
To enable Packet Forwarding Engine local repair, establish a policy that forces the
routing protocol process to install all the next hops for a given route.
9.
This policy ensures that the backup route is installed in the forwarding table used
by the Packet Forwarding Engine to forward traffic to a given destination.
[edit policy-options]
user@R1# set policy-options policy-statement ecmp term 1
user@R1# set then load-balance per-packet
10.
Apply the policy to the forwarding table of the local router with the export statement.
[edit routing-options forwarding-table]
user@R1# set export ecmp
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, show policy-options, and show routing-options commands. If the
output does not display the intended configuration, repeat the instructions in this example
to correct the configuration.
user@R1# show interfaces
ge-1/0/0 {
unit 1 {
description R1->R2;
family inet {
address 1.1.1.1/24;
}
family iso;
family mpls;
}
}
ge-1/5/0 {
unit 12 {
description R1->R6;
family inet {
address 1.1.6.12/24;
}
family iso;
family mpls;
}
}
lo0 {
unit 10 {
family inet {
address 10.255.102.128/32;
}
family iso {
address 49.0001.1720.1600.1010.00;
}
}
}
user@R1# show protocols
mpls {
interface all;
183
interface fxp0.0 {
disable;
}
}
isis {
spf-options delay 1000;
backup-spf-options {
remote-backup-calculation;
node-link-degradation;
}
interface ge-1/0/0.1;
interface ge-1/5/0.12; {
link-protection;
}
interface all {
node-link-protection;
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
interface lo0.12 {
passive;
}
}
ldp {
auto-targeted-session {
teardown-delay 60;
maximum-sessions 20;
}
deaggregate;
interface all;
interface fxp0.0 {
disable;
}
}
user@R1# show policy-options
policy-options {
policy-statement ecmp {
term 1 {
then {
load-balance per-packet;
}
}
}
}
user@R1# show routing-options
forwarding-table {
export ecmp;
}
184
If you are done configuring the device, enter commit from the configuration mode.
Verification
Confirm that the configuration is working properly.
Meaning
The output shows all the routes in the routing table of Device R1.
185
Display all the LDP backup routes in the IS-IS routing table of Device R1.
On Device R1, from operational mode, run the show isis route command to display the
routes in the IS-IS routing table.
user@R1> show isis route
IS-IS routing table
IPv4/IPv6 Routes
---------------Prefix
L Version
Backup Score
1.1.2.0/24
1
558
NH
Via
20 int
lt-1/2/0.1
IPV4 tp3-R2
1.1.3.0/24
558
30 int
lt-1/2/0.1
IPV4 tp3-R2
1.1.4.0/24
558
30 int
lt-1/2/0.12
IPV4 tp3-R6
lt-1/2/0.1
LSP
lt-1/2/0.12
IPV4 tp3-R6
lt-1/2/0.1
LSP
lt-1/2/0.12
IPV4 tp3-R6
lt-1/2/0.1
LSP
LDP->tp3-R4(10.255.102.156)
1.1.5.0/24
1
558
LDP->tp3-R4(10.255.102.156)
10.255.102.136/32 1
558
20 int
10 int
LDP->tp3-R4(10.255.102.156)
10.255.102.146/32 1
558
20 int
lt-1/2/0.1
IPV4 tp3-R2
10.255.102.156/32
30 int
lt-1/2/0.1
IPV4 tp3-R2
lt-1/2/0.12
IPV4 tp3-R6
lt-1/2/0.12
IPV4 tp3-R6
lt-1/2/0.1
LSP
lt-1/2/0.1
IPV4 tp3-R2
10.255.102.166/32
558
558
LDP->tp3-R4(10.255.102.156)
10.255.102.178/32 1
558
Meaning
20 int
10 int
The output shows all the LDP backup routes in the IS-IS routing table of Device R1.
186
Action
From operational mode, enter the show ldp session auto-targeted detail command.
user@R1> show ldp session auto-targeted detail
Address: 10.255.102.156, State: Operational, Connection: Open, Hold time: 21
Session ID: 10.255.102.128:0--10.255.102.156:0
Next keepalive in 1 seconds
Passive, Maximum PDU: 4096, Hold time: 30, Neighbor count: 1
Neighbor types: auto-targeted
Keepalive interval: 10, Connect retry interval: 1
Local address: 10.255.102.128, Remote address: 10.255.102.156
Up for 11:38:23
Capabilities advertised: none
Capabilities received: none
Protection: disabled
Session flags: none
Local - Restart: disabled, Helper mode: enabled
Remote - Restart: disabled, Helper mode: enabled
Local maximum neighbor reconnect time: 120000 msec
Local maximum neighbor recovery time: 240000 msec
Local Label Advertisement mode: Downstream unsolicited
Remote Label Advertisement mode: Downstream unsolicited
Negotiated Label Advertisement mode: Downstream unsolicited
MTU discovery: disabled
Nonstop routing state: Not in sync
Next-hop addresses received:
1.1.3.6
1.1.4.7
10.255.102.156
Meaning
Display the remote LFA next hop determined for a given destination.
From operational mode, enter the show isis backup spf results command.
user@R1> show isis backup spf results R6
IS-IS level 1 SPF results:
R6.00
Primary next-hop: ge-1/5/0, IPV4, R6, SNPA: 0:5:85:88:f0:bc
Root: R6, Root Metric: 10, Metric: 0, Root Preference: 0x0
Not eligible, IPV4, Reason: Primary next-hop link fate sharing
Root: R2, Root Metric: 10, Metric: 20, Root Preference: 0x0
track-item: R6.00-00
track-item: R1.00-00
Not eligible, IPV4, Reason: Path loops
Root: R4, Root Metric: 30, Metric: 20, Root Preference: 0x0
track-item: R6.00-00
track-item: R4.00-00
Eligible, Backup next-hop: ge-1/0/0, LSP, LDP->R4(10.255.102.156), Prefixes: 2
1 nodes
IS-IS level 2 SPF results:
R6.00
Primary next-hop: ge-1/5/0, IPV4, R6, SNPA: 0:5:85:88:f0:bc
Root: R6, Root Metric: 10, Metric: 0, Root Preference: 0x0
187
Meaning
Related
Documentation
188
The output indicates whether a specific interface or node has been designated as a
remote backup path and why.
Understanding Remote LFA over LDP Tunnels in IS-IS Networks on page 174
auto-targeted-session
CHAPTER 8
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
Example: Enabling Wide IS-IS Metrics for Traffic Engineering on page 213
NOTE: Whenever possible, use IS-IS interior gateway protocol (IGP) shortcuts
instead of traffic engineering shortcuts.
The traffic engineering extensions are defined in RFC 5305, IS-IS Extensions for Traffic
Engineering.
189
the LSP to function as a direct link to the egress routing device and to be used as input
to IS-IS SPF calculations. When used in this way, LSPs are no different than Asynchronous
Transfer Mode (ATM) and Frame Relay virtual circuits (VCs), except that LSPs carry only
IPv4 traffic.
Related
Documentation
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
If an LSP connects Router A to Router D and if IGP shortcuts are enabled on Router A,
you might have the SPF tree shown in Figure 20 on page 190.
190
Router A decides between the two choices by comparing the IGP metrics for path ABD
with the LSP metrics for LSP AD. If the IGP metric is lower, path ABD is chosen
(Figure 19 on page 190). If the LSP metric is lower, LSP AD is used (Figure 20 on page 190).
If both metrics are equal, LSP AD is chosen because LSPs are preferred over IGP paths.
Note that Routers E and F are also reachable through LSP AD, because they are
downstream from Router D in the SPF tree.
Assuming that another LSP connects Router A to Router E, you might have the SPF tree
shown in Figure 21 on page 191.
Figure 21: Modified SPF Tree, Using LSP AD and LSP AE as Shortcuts
Related
Documentation
Requirements
No special configuration beyond device initialization is required before configuring this
example.
191
Overview
MPLS traffic engineering maps certain data flows to established label-switched paths
(LSPs) rather than to data links calculated by the interior gateway protocol (IGP) to be
part of the best (shortest) path. Fundamental to this function is the determination of
what traffic is to be mapped to an LSP. Traffic is mapped to an LSP at the tunnel's ingress
label switching router (LSR) by designating the egress LSR as the next-hop router for
certain destination prefixes.
It is important to understand that the LSP does not constitute an entire route to a
destination. Rather, the LSP is a next-hop segment of the route. Therefore, packets can
only be mapped to an LSP if the egress LSR is considered to be a feasible next-hop
candidate during the route resolution process.
Figure 22 on page 192 shows the topology used in this example.
Prefixes
10.2.0.0/16
10.3.0.0/16
AS 2
G
.26
10.0.0.24/30
.25
A
10.0.0.4/30
.5
fe-1/2/1
.6
.9
10.0.0.8/30
.10
10.0.0.12/30
C
.13
.14
.29
fe-1/2/0 .1
10.0.0.28/30
.2
.30
.17
.18
10.0.0.16/30
AS 1
g041306
LSP A-C
10.0.0.0/30
In this example, Device C has an external BGP (EBGP) peer session with Device G in
autonomous system (AS) 65520. In order to enable its internal BGP (IBGP) peers to
access subnets in AS 65520, Device G runs IS-IS passively on its interface connecting to
Device G. IS-IS has information about the external subnets and enters routes to these
subnets in the inet.0 routing table. BGP, when resolving the next-hop addresses of
AS-external routes, uses the IGP route.
192
Device A has an LSP to Device C. The path is configured to always go through Device E,
rather than going through Device B.
Interior gateway protocol (IGP) shortcuts, also called traffic-engineering shortcuts,
provide a tool by which the link-state IGP (OSPF or IS-IS) in an AS can consider an LSP
in its shortest-path-first (SPF) calculations. If using passive external interfaces, the IGP
views an LSP as a single data link toward the destinations beyond the LSP egress device.
When you use traffic-engineering bgp (which is the default) and IGP shortcuts, the traffic
engineering solution is used for BGP AS-external route resolution only. However, traffic
to AS-internal destinations can also be mapped to LSPs. To accomplish this,
traffic-engineering bgp-igp is enabled. Thus, RSVP installs the MPLS prefixes into the
inet.0 table rather than the inet.3 table. As a result, the MPLS LSPs are installed in the
forwarding table.
This approach finds practical application whenever heavy traffic is routed to specific
destinations within an AS, such as server farms.
An important point about IGP shortcuts, whether used alone or in conjunction with
traffic-engineering BGP-IGP, is that IGP adjacencies are never formed across the LSPs.
The IGP sees the LSP as a single data link, but does not view the egress router as a
potential peer and does not forward hello messages across the LSP. Also, RSVP messages
are never forwarded over LSPs, preventing the possibility of an LSP being inadvertently
built within another LSP.
CLI Quick Configuration on page 193 shows the configuration for all of the devices in
Figure 22 on page 192. The section Step-by-Step Procedure on page 197 describes the
steps on Device A.
Configuration
CLI Quick
Configuration
Device A
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set interfaces fe-1/2/0 unit 0 family inet address 10.0.0.1/30
set interfaces fe-1/2/0 unit 0 family iso
set interfaces fe-1/2/0 unit 0 family mpls
set interfaces fe-1/2/1 unit 0 family inet address 10.0.0.5/30
set interfaces fe-1/2/1 unit 0 family iso
set interfaces fe-1/2/1 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 192.168.0.1/32
set interfaces lo0 unit 0 family iso address 49.0002.0192.0168.0001.00
set protocols rsvp interface lo0.0
set protocols rsvp interface fe-1/2/0.0
set protocols rsvp interface fe-1/2/1.0
set protocols mpls traffic-engineering bgp-igp
set protocols mpls label-switched-path test_path to 192.168.0.3
set protocols mpls label-switched-path test_path no-cspf
set protocols mpls label-switched-path test_path primary through_E
set protocols mpls path through_E 192.168.0.5 strict
set protocols mpls interface fe-1/2/0.0
set protocols mpls interface fe-1/2/1.0
193
194
Device B
Device C
Device D
Device E
195
196
Device F
Device G
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS traffic-engineering shortcuts:
1.
2.
3.
4.
5.
6.
197
8.
Configure IS-IS to use MPLS LSPs as next hops for the IPv4 address family.
It is only necessary to enable IGP shortcuts on the ingress router because that is the
router performing the shortest-path-first (SPF) calculations.
It is important to understand how IGP shortcuts affect the protocol and routing
table relationship. The IGP performs SPF calculations to subnets downstream of
LSP egress points, but the results of these calculations are entered into the inet.3
table only. At the same time, the IGP performs its traditional SPF calculations and
enters the results of these calculations into the inet.0 table. The result is that
although the IGP is making entries into the inet.3 table, BGP is still the only protocol
with visibility into that table for the purposes of route resolution. Therefore,
forwarding to AS-internal destinations still uses the inet.0 IGP routes, and the LSPs
are only used for BGP next-hop resolution. If you want the LSPs to be used for IGP
next-hop resolution, you must configure traffic-engineering bgp-igp.
[edit protocols isis]
user@A# set traffic-engineering family inet shortcuts
9.
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, and show routing-options commands. If the output does not display the
intended configuration, repeat the instructions in this example to correct the configuration.
user@A# show interfaces
fe-1/2/0 {
unit 0{
family inet {
address 10.0.0.1/30;
}
family iso;
family mpls;
}
}
fe-1/2/1{
unit 0
family inet {
address 10.0.0.5/30;
}
family iso;
family mpls;
198
}
}
lo0 {
unit 0{
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
}
}
}
user@A# show protocols
rsvp {
interface lo0.0;
interface fe-1/2/0.0;
interface fe-1/2/1.0;
}
mpls {
traffic-engineering bgp-igp;
label-switched-path test_path {
to 192.168.0.3;
no-cspf;
primary through_E;
}
path through_E {
192.168.0.5 strict;
}
interface fe-1/2/0.0;
interface fe-1/2/1.0;
}
bgp {
group int {
type internal;
local-address 192.168.0.1;
neighbor 192.168.0.5;
neighbor 192.168.0.6;
neighbor 192.168.0.2;
neighbor 192.168.0.3;
}
}
isis {
traffic-engineering {
family inet {
shortcuts;
}
}
interface fe-1/2/0.0 {
level 1 disable;
}
interface fe-1/2/1.0 {
level 1 disable;
}
interface lo0.0;
}
199
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Checking the Paths with Different Traffic Engineering Settings on page 203
Verify that the MPLS LSP is used as the next hop in the expected routes.
From operational mode, enter the show route command.
user@A> show route
inet.0: 21 destinations, 21 routes (21 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.0/30
10.0.0.1/32
10.0.0.4/30
10.0.0.5/32
10.0.0.8/30
10.0.0.12/30
10.0.0.16/30
10.0.0.20/30
10.0.0.24/30
10.0.0.28/30
10.2.0.0/32
10.2.1.1/32
10.3.0.0/32
10.3.1.1/32
200
*[Direct/0] 4d 09:07:26
>
via fe-1/2/0.0
*[Local/0] 4d 09:07:26
Local via fe-1/2/0.0
*[Direct/0] 4d 09:07:28
>
via fe-1/2/1.0
*[Local/0] 4d 09:07:28
Local via fe-1/2/1.0
*[IS-IS/18] 01:42:24, metric 20
> to 10.0.0.6 via fe-1/2/1.0
*[IS-IS/18] 01:42:24, metric 30
> to 10.0.0.6 via fe-1/2/1.0
*[IS-IS/18] 01:42:24, metric 20
> to 10.0.0.2 via fe-1/2/0.0
*[IS-IS/18] 01:42:24, metric 30
> to 10.0.0.2 via fe-1/2/0.0
*[IS-IS/18] 01:42:24, metric 30
> to 10.0.0.6 via fe-1/2/1.0
*[IS-IS/18] 01:42:24, metric 30
to 10.0.0.6 via fe-1/2/1.0
> to 10.0.0.2 via fe-1/2/0.0
*[BGP/170] 02:22:30, localpref 100, from 192.168.0.3
AS path: 2 I, validation-state: unverified
> to 10.0.0.2 via fe-1/2/0.0, label-switched-path test_path
*[BGP/170] 02:20:23, localpref 100, from 192.168.0.3
AS path: 2 I, validation-state: unverified
> to 10.0.0.2 via fe-1/2/0.0, label-switched-path test_path
*[BGP/170] 02:22:30, localpref 100, from 192.168.0.3
AS path: 2 I, validation-state: unverified
> to 10.0.0.2 via fe-1/2/0.0, label-switched-path test_path
*[BGP/170] 02:20:23, localpref 100, from 192.168.0.3
AS path: 2 I, validation-state: unverified
> to 10.0.0.2 via fe-1/2/0.0, label-switched-path test_path
192.168.0.1/32
192.168.0.2/32
192.168.0.3/32
192.168.0.4/32
192.168.0.5/32
192.168.0.6/32
192.168.0.7/32
*[Direct/0] 4d 09:08:47
>
via lo0.0
*[IS-IS/18] 01:42:24, metric 10
> to 10.0.0.6 via fe-1/2/1.0
*[IS-IS/18] 01:42:24, metric 20
> to 10.0.0.6 via fe-1/2/1.0
*[IS-IS/18] 01:42:24, metric 30
> to 10.0.0.6 via fe-1/2/1.0
to 10.0.0.2 via fe-1/2/0.0
*[IS-IS/18] 01:42:24, metric 10
> to 10.0.0.2 via fe-1/2/0.0
*[IS-IS/18] 01:42:24, metric 20
> to 10.0.0.2 via fe-1/2/0.0
*[BGP/170] 02:20:23, localpref 100, from 192.168.0.3
AS path: 2 I, validation-state: unverified
> to 10.0.0.2 via fe-1/2/0.0, label-switched-path test_path
192.168.0.4/32
test_path
test_path
test_path
test_path
test_path
test_path
Meaning
*[MPLS/0] 4d 09:10:00,
Receive
*[MPLS/0] 4d 09:10:00,
Receive
*[MPLS/0] 4d 09:10:00,
Receive
*[MPLS/0] 4d 09:10:00,
Receive
metric 1
metric 1
metric 1
metric 1
IS-IS chooses the LSP as the shortest path to destinations downstream of the LSP egress
device. Additionally, because the IGP uses the LSP to reach external subnet 10.0.0.24/30,
BGP also uses the LSP in its routes to 10.2.0.0 and 10.3.0.0.
If next-hop self were used at Device C, BGP would still choose the LSP over the IGP path.
201
Meaning
202
On all four routing devices, the ingress and egress IP addresses of the LSP are shown.
The path is shown as an ingress path at Device A, and packets forwarded on the LSP are
assigned a label of 299776. At Device E, the LSP is transit, and packets arriving with a
label of 299776 are given an outgoing label of 299808. The labels have significance only
Action
Check the paths used for IGP and BGP routes when traffic-engineering bgp-igp is used
and when traffic-engineering bgp (the default) is used.
1.
2. Use the show route forwarding-table command to check the paths when
default) is configured.
user@A> traceroute 10.2.1.1
traceroute to 10.2.1.1 (10.2.1.1), 30 hops max, 40 byte packets
1 10.0.0.2 (10.0.0.2) 11.086 ms 1.587 ms 1.603 ms
MPLS Label=299776 CoS=0 TTL=1 S=1
2 10.0.0.18 (10.0.0.18) 1.455 ms 1.477 ms 1.442 ms
MPLS Label=299808 CoS=0 TTL=1 S=1
3 10.0.0.29 (10.0.0.29) 2.240 ms 1.045 ms 1.243 ms
4 10.2.1.1 (10.2.1.1) 1.363 ms 1.389 ms 1.374 ms
user@A> traceroute 192.168.0.3
traceroute to 192.168.0.3 (192.168.0.3), 30 hops max, 40 byte packets
1 10.0.0.6 (10.0.0.6) 1.759 ms 1.872 ms 2.281 ms
2 bb03-cclab-lo0.spglab.juniper.net (192.168.0.3) 2.119 ms 2.157 ms
ms
1.598
This removes traffic-engineering bgp from the configuration because only one MPLS
traffic engineering setting can be configured in each routing instance.
[edit protocols mpls]
user@A# set traffic-engineering bgp-igp
203
user@A# commit
5. Use the show route forwarding-table command to check the paths when
configured.
user@A> traceroute 10.2.1.1
traceroute to 10.2.1.1 (10.2.1.1), 30 hops max, 40 byte packets
1 10.0.0.2 (10.0.0.2) 2.348 ms 1.475 ms 1.434 ms
MPLS Label=299776 CoS=0 TTL=1 S=1
2 10.0.0.18 (10.0.0.18) 1.507 ms 2.307 ms 1.911 ms
MPLS Label=299808 CoS=0 TTL=1 S=1
3 10.0.0.29 (10.0.0.29) 1.743 ms 1.645 ms 1.940 ms
4 10.2.1.1 (10.2.1.1) 2.041 ms 1.977 ms 2.233 ms
user@A> traceroute 192.168.0.3
traceroute to 192.168.0.3 (192.168.0.3), 30 hops max, 40 byte packets
1 10.0.0.2 (10.0.0.2) 1.721 ms 2.558 ms 2.229 ms
MPLS Label=299776 CoS=0 TTL=1 S=1
2 10.0.0.18 (10.0.0.18) 2.505 ms 1.462 ms 1.408 ms
MPLS Label=299808 CoS=0 TTL=1 S=1
3 bb03-cclab-lo0.spglab.juniper.net (192.168.0.3) 1.371 ms 1.422 ms
ms
Meaning
1.351
204
Related
Documentation
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
Figure 23 on page 206 shows the topology used in this example.
205
.5
10
.6
.1 10.0.0.4/30
.9
10
10.0.0.8/30
.10
15
10 10.0.0.0/30
.13
10
.14
D
10.0.0.12/30
.22
10.0.0.20/30 10
LSP E-D
.2
Lo0:
A 192.168.0.1
B 192.168.0.2
C 192.168.0.3
D 192.168.0.4
E 192.168.0.5
F 192.168.0.6
20
.17 10.0.0.16/30 .18
.21
F
g041304
The example shows how to configure the LSP from Device E to Device D and then
advertise this path through IS-IS. The configuration is verified by performing a traceroute
operation from Device A to Device D and making sure that the LSP is used for forwarding.
CLI Quick Configuration on page 206 shows the configuration for all of the devices in
Figure 23 on page 206. The section Step-by-Step Procedure on page 208 describes the
steps on Device E.
Configuration
CLI Quick
Configuration
206
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device A
Device B
Device C
Device D
Device E
207
Device F
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To advertise LSPs into IS-IS:
1.
208
3.
4.
5.
Configure internal BGP (IBGP) peering among the devices that must run MPLS.
[edit protocols bgp group int]
user@E# set type internal
user@E# set local-address 192.168.0.5
user@E# set neighbor 192.168.0.6
user@E# set neighbor 192.168.0.1
user@E# set neighbor 192.168.0.4
6.
7.
8.
209
Results
From configuration mode, confirm your configuration by entering the show interfaces,
show protocols, and show routing-options commands. If the output does not display the
intended configuration, repeat the instructions in this example to correct the configuration.
user@E# show interfaces
fe-1/2/0 {
unit 0 {
family inet {
address 10.0.0.2/30;
}
family iso;
family mpls;
}
}
fe-1/2/1 {
unit 0 {
family inet {
address 10.0.0.17/30;
}
family iso;
family mpls;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.5/32;
}
family iso {
address 49.0002.0192.0168.0005.00;
}
}
}
user@E# show protocols
rsvp {
interface lo0.0;
interface fe-1/2/0.0;
interface fe-1/2/1.0;
}
mpls {
label-switched-path E-D {
to 192.168.0.4;
}
interface fe-1/2/0.0;
interface fe-1/2/1.0;
}
bgp {
group int {
type internal;
local-address 192.168.0.5;
neighbor 192.168.0.6;
neighbor 192.168.0.1;
neighbor 192.168.0.4;
}
}
210
isis {
interface fe-1/2/0.0 {
level 1 disable;
}
interface fe-1/2/1.0 {
level 1 disable;
level 2 metric 20;
}
interface lo0.0;
label-switched-path E-D {
level 2 metric 15;
}
}
user@E# show routing-options
router-id 192.168.0.5;
autonomous-system 1;
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Action
Verify that another neighbor is listed and is reachable over the LSP. The interface field
indicates the name of the LSP.
From operational mode, enter the show isis adjacency detail command.
user@E> show isis adjacency detail
D
Interface: E-D, Level: 2, State: One-way, Expires in 0 secs
Priority: 0, Up/Down transitions: 1, Last transition: 1d 00:34:58 ago
Circuit type: 3, Speaks: IP
Topologies: Unicast
Restart capable: No, Adjacency advertisement: Advertise
IP addresses: 192.168.0.4
F
Interface: fe-1/2/1.0, Level: 2, State: Up, Expires in 7 secs
Priority: 64, Up/Down transitions: 1, Last transition: 1d 01:16:22 ago
Circuit type: 2, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bd
Topologies: Unicast
Restart capable: Yes, Adjacency advertisement: Advertise
LAN id: F.02, IP addresses: 10.0.0.18
A
Interface: fe-1/2/0.0, Level: 2, State: Up, Expires in 20 secs
Priority: 64, Up/Down transitions: 1, Last transition: 1d 01:17:20 ago
Circuit type: 2, Speaks: IP, IPv6, MAC address: 0:5:85:8f:c8:bc
Topologies: Unicast
211
Meaning
As expected, Interface: E-D is shown in the output, and the state is shown as One-way.
Meaning
2 SPF results:
Metric
Interface
30
fe-1/2/0.0
25
fe-1/2/1.0
25
fe-1/2/1.0
25
fe-1/2/1.0
20
fe-1/2/1.0
20
fe-1/2/0.0
20
fe-1/2/0.0
15
fe-1/2/1.0
10
fe-1/2/0.0
10
0
NH
NH
IPV4 A
LSP E-D
LSP E-D
LSP E-D
IPV4 F
IPV4 A
IPV4 A
LSP E-D
IPV4 A
Via
Via
SNPA
SNPA
0:5:85:8f:c8:bc
0:5:85:8f:c8:bd
0:5:85:8f:c8:bc
0:5:85:8f:c8:bc
0:5:85:8f:c8:bc
Action
Meaning
Related
Documentation
212
Verify that a traceroute operation from Device A to Device D uses the LSP.
1.354
Example: Enabling Wide IS-IS Metrics for Traffic Engineering on page 213
Requirements
Before you begin, configure IS-IS on both routers. See Example: Configuring IS-IS on
page 14 for information about the sample IS-IS configuration.
Overview
Figure 24 on page 214 shows the topology used in this example.
213
.2
R1
R2
lo0:192.168.0.1
lo0:192.168.0.2
g041282
.1
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS checksums:
1.
2.
Results
From configuration mode, confirm your configuration by entering the show protocols
command. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
user@R1# show protocols
isis {
level 2 wide-metrics-only;
level 1 wide-metrics-only;
interface lt-1/2/0.1 {
level 2 metric 100;
level 1 metric 100;
}
}
If you are done configuring the device, enter commit from configuration mode.
214
Verification
Confirm that the configuration is working properly.
Meaning
Related
Documentation
The output shows that the metric is set to 100, as expected, at both Level 1 and Level 2.
215
between the PE devices, services depending on MPLS forwarding fail. When LDP has not
completed exchanging label bindings with an IGP next hop, traffic is discarded if the head
end of the LSP forwards traffic because the LSP is assumed to be in place.
There are various reasons that the LSP fails to come up, as follows:
When an LDP hello adjacency or an LDP session with a peer is lost due to some error
while the IGP still points to that peer. IP forwarding of traffic continues on the IGP link
associated with the LDP peer rather than being shifted to another IGP link with which
LDP is synchronized.
When a new IGP link comes up, causing the next hop to a certain destination to change
in the IGPs shortest-path-first (SPF) calculations. Although the IGP might be up on
the new link, LDP might not have completed label exchange for all the routes. This
condition might be transient or due to a misconfiguration.
LDP-IGP synchronization discourages a link from being used while the LDP sessions are
not fully established. When LDP is not fully operational on a link, the IGP advertises a
maximum cost for the link, thus preventing traffic from flowing through it. The IGP does
not advertise the original cost or metric for the link until either LDP label exchange has
been completed with the peer on the link or a configured amount of time has passed
(the holddown period).
When synchronization is configured, LDP notifies the IGP to advertise the maximum cost
for the link when one of the following triggering events takes place:
If the holddown timer has been configured, the timer starts when the triggering event
takes place. When the timer expires, LDP notifies the IGP to resume advertising the original
cost.
If the holddown timer has not been configured, the IGP waits (endlessly) until bindings
have been received from downstream routers for all the forwarding equivalence classes
(FECs) that have a next hop on that interface. Only after that takes place does LDP notify
the IGP to bring down the cost on the interface.
LDP-IGP synchronization is supported only for directly connected peers and links with
the platform label space.
216
LDP is not yet operational on the link and no holddown timer has been configured.
During LDP graceful restart, no synchronization operations are done. If the LDP graceful
restart is terminated, LDP notifies the IGPs to advertise the links with the maximum
metric.
Requirements
Before you begin, configure IS-IS and LDP. For an example, see Example: Configuring a
Layer 3 VPN with Route Reflection and AS Override.
Overview
LDP distributes labels in non-traffic-engineered applications. Labels are distributed along
the best path determined by IS-IS. If the synchronization between LDP and IS-IS is lost,
the label-switched path (LSP) goes down. Therefore, LDP and IS-IS synchronization is
beneficial. When LDP synchronization is configured and when LDP is not fully operational
on a given link (a session is not established and labels are not exchanged), IS-IS advertises
217
the link with the maximum cost metric. The link is not preferred but remains in the network
topology.
LDP synchronization is supported only on point-to-point interfaces and LAN interfaces
configured as point-to-point interfaces under IS-IS. LDP synchronization is not supported
during graceful restart.
To advertise the maximum cost metric until LDP is operational for LDP synchronization,
include the ldp-synchronization statement:
ldp-synchronization {
disable;
hold-time seconds;
}
To disable synchronization, include the disable statement. To configure the time period
to advertise the maximum cost metric for a link that is not fully operational, include the
hold-time statement.
NOTE: When an interface has been in the holddown state for more than
3 minutes, a system log message with a warning level is sent. This message
appears in both the messages file and the trace file.
.1
10.0.0.0/30
.2
PE1
10.0.0.4/30
.5
.6
.21
P1
10.0.0.8/30
.9
.10
.25
P2
10.0.0.12/30
.13
.14
PE2
.29 .17
lo0,0 Addresses
10.255.1.1
10.255.2.2
10.255.3.3
10.255.4.4
10.255.7.7
10.255.5.5
10.255.6.6
10.0.0.24/30
10.0.0.16/30
.18
.26
10.0.0.20/30
.22
P3
.30
10.0.0.28/30
CE2
AS
64512
g041274
CE1
PE1
P1
P2
P3
PE2
CE2
Configuration
CLI Quick
Configuration
Device P1
218
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set protocols mpls interface all
set protocols mpls interface fxp0.0 disable
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure synchronization between IS-IS and LDP:
1.
2.
3.
4.
5.
Results
From configuration mode, confirm your configuration by entering the show protocols
command. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
user@P1# show protocols
mpls {
interface all;
interface fxp0.0 {
disable;
}
}
isis {
interface all {
ldp-synchronization;
point-to-point;
}
interface fxp0.0 {
219
disable;
}
}
ldp {
interface all;
interface fxp0.0 {
disable;
}
}
If you are done configuring the device, enter commit from configuration mode. Repeat
the configuration on Device R2.
Verification
Confirm that the configuration is working properly.
220
Level 2
Adjacencies: 1, Priority: 64, Metric: 10
Hello Interval: 9.000 s, Hold Time: 27 s
Meaning
Related
Documentation
221
222
CHAPTER 9
Understanding the Transmission Frequency for CSNPs on IS-IS Interfaces on page 228
223
20 ms timer. Additionally, there is logic that makes sure that the adjacency is reliably up
for some time before advertising the adjacency.
Related
Documentation
Requirements
Before you begin, configure IS-IS. See Example: Configuring IS-IS on page 14 for
information about the sample IS-IS configuration.
Overview
To keep reachability information in the network current, link-state protocols need to
originate, distribute, and revoke or time-out topology information. In IS-IS, topology
information is encoded in link-state PDUs.
By default, the routing device sends one link-state PDU out an interface every
100 milliseconds. To modify this interval, include the lsp-interval statement:
lsp-interval milliseconds;
.2
R1
R2
lo0:192.168.0.1
lo0:192.168.0.2
g041282
.1
224
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure the link-state PDU interval:
1.
2.
3.
4.
Results
From configuration mode, confirm your configuration by entering the show interfaces and
show protocols commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show interfaces
fe-1/2/0 {
unit 0 {
description to-R2;
225
family inet {
address 10.0.0.1/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
}
}
}
user@R1# show protocols
isis {
traceoptions {
file isis-trace;
flag lsp;
}
interface fe-1/2/0.0 {
lsp-interval 1000;
}
interface lo0.0;
}
If you are done configuring the device, enter commit from configuration mode. Repeat
the configuration on Device R2.
Verification
Confirm that the configuration is working properly.
226
Meaning
The output shows that the link-state PDU interval is set to 1000 milliseconds.
Processed
24
24
474
0
0
522
Drops
0
0
0
0
0
0
Sent
13
836
0
0
0
849
Rexmit
0
0
0
0
0
0
Drops
0
0
0
0
0
0
Sent
24
2459
474
0
0
2957
Rexmit
0
0
0
0
0
0
Processed
13
15
0
0
0
28
Meaning
The output shows the number of link-state PDUs sent and received on Device R1 and
Device R2.
Check the IS-IS trace log to view the interval between packets.
227
Action
From operational mode, enter the show log isis-trace | match lsp command.
user@R1> show log isis | match lsp
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Meaning
Related
Documentation
18
18
18
18
18
18
18
18
18
18
18
18
15:27:02.692031
15:27:02.692753
15:27:44.396480
15:27:45.398077
15:28:44.689024
15:28:44.689663
15:29:15.954900
15:29:16.955620
15:29:28.789986
15:29:28.790620
15:30:27.727892
15:30:27.728519
The output shows that Level 1 and Level 2 link-state PDUs are being sent and received
roughly every 1000 milliseconds (1 second).
Example: Configuring the Transmission Frequency for CSNP Packets on IS-IS Interfaces
on page 229
228
Example: Configuring the Transmission Frequency for CSNP Packets on IS-IS Interfaces
on page 229
Example: Configuring the Transmission Frequency for CSNP Packets on IS-IS Interfaces
This example shows how to modify the complete sequence number PDU (CSNP) interval
on IS-IS interfaces.
Requirements
Before you begin, configure IS-IS. See Example: Configuring IS-IS on page 14 for
information about the sample IS-IS configuration.
Overview
CSNPs contain a complete list of all link-state PDUs in the IS-IS database. CSNPs are
sent periodically on all links, and the receiving systems use the information in the CSNP
to update and synchronize their link-state PDU databases. The designated router
multicasts CSNPs on broadcast links in place of sending explicit acknowledgments for
each link-state PDU.
If the routing device is the designated router on a LAN, IS-IS sends CSNPs every
10 seconds. If the routing device is on a point-to-point interface, it sends CSNPs every
5 seconds. You might want to modify the default interval to protect against CSNP flooding.
To modify the CSNP interval, include the csnp-interval statement:
csnp-interval seconds;
In this example, an IS-IS routing device on a LAN segment is configured to send CSNPs
every 30 seconds.
Figure 26 on page 224 shows the topology used in this example.
.2
R1
R2
lo0:192.168.0.1
lo0:192.168.0.2
g041282
.1
229
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure the CSNP interval:
1.
2.
3.
4.
Results
From configuration mode, confirm your configuration by entering the show interfaces and
show protocols commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show interfaces
fe-1/2/0 {
unit 0 {
description to-R2;
230
family inet {
address 10.0.0.1/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
}
}
}
user@R1# show protocols
isis {
traceoptions {
file isis-trace;
flag csn;
}
interface fe-1/2/0.0 {
csnp-interval 30;
}
interface lo0.0;
}
If you are done configuring the device, enter commit from configuration mode. Repeat
the configuration on Device R2.
Verification
Confirm that the configuration is working properly.
231
Level 2
Adjacencies: 1, Priority: 64, Metric: 10
Hello Interval: 9.000 s, Hold Time: 27 s
Designated Router: R2.02 (not us)
Meaning
Processed
5
20
6
0
0
31
Drops
0
0
0
0
0
0
Sent
3
43
0
0
0
46
Rexmit
0
0
0
0
0
0
Drops
0
0
0
0
0
0
Sent
5
86
6
0
0
97
Rexmit
0
0
0
0
0
0
Processed
3
11
0
0
0
14
Meaning
232
The output shows the number of CSNPs sent and received on Device R1 and Device R2.
Check the IS-IS trace log to view the interval between packets.
From operational mode, enter the show log isis-trace | match csn command.
user@R1> show log isis-trace | match csn
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Jun
Meaning
Related
Documentation
18
18
18
18
18
18
18
18
14:36:19.504064
14:36:19.523065
14:36:48.904120
14:36:48.916425
14:37:14.954447
14:37:14.971329
14:37:44.227106
14:37:44.244181
Received
Received
Received
Received
Received
Received
Received
Received
L1
L2
L1
L2
L1
L2
L1
L2
CSN,
CSN,
CSN,
CSN,
CSN,
CSN,
CSN,
CSN,
source
source
source
source
source
source
source
source
R2,
R2,
R2,
R2,
R2,
R2,
R2,
R2,
interface
interface
interface
interface
interface
interface
interface
interface
fe-1/2/0.0
fe-1/2/0.0
fe-1/2/0.0
fe-1/2/0.0
fe-1/2/0.0
fe-1/2/0.0
fe-1/2/0.0
fe-1/2/0.0
The output shows that Level 1 and Level 2 CSNPs are being received roughly every 30
seconds.
Understanding the Transmission Frequency for CSNPs on IS-IS Interfaces on page 228
233
sparse in almost all practical deployments. In service provider networks, overlay networks
are no longer used.
In enterprise networks, dense flooding graphs that, for example, lease a Layer 2 VPN
service (an overlay network) to fully mesh its WAN routers might continue to be a useful
architecture. In such cases, mesh groups might be useful.
Related
Documentation
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
When link-state PDUs are being flooded throughout an area, each router within a mesh
group receives only a single copy of a link-state PDU instead of receiving one copy from
each neighbor, thus minimizing the overhead associated with the flooding of link-state
PDUs.
To create a mesh group and designate that an interface be part of the group, assign a
mesh-group number to all the routing device interfaces in the group:
mesh-group value;
To prevent an interface in the mesh group from flooding link-state PDUs, configure
blocking on that interface:
mesh-group blocked;
234
g041287
10.0.0.0/30
fe-1/2/0
fe-1/2/0
.1
.2
R1 .5
.14 R2
fe-1/2/1
fe-1/2/1
fe-1/2/2 .9
.21 fe-1/2/2
10.0.0.4/30
10.0.0.8/30
10.0.0.20/30
10.0.0.12/30
fe-1/2/0 .10
.22 fe-1/2/2
fe-1/2/0
fe-1/2/1
.6
.13
R3
R4
.17
.18
fe-1/2/2
fe-1/2/1
10.0.0.16/30
CLI Quick Configuration on page 235 shows the configuration for all of the devices in
Figure 28 on page 235. The section Step-by-Step Procedure on page 236 describes the
steps on Device R1.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
Device R1
Device R2
235
Device R3
Device R4
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure an IS-IS mesh group:
1.
2.
236
Results
From configuration mode, confirm your configuration by entering the show interfaces and
show protocols commands. If the output does not display the intended configuration,
repeat the instructions in this example to correct the configuration.
user@R1# show interfaces
fe-1/2/0 {
unit 0 {
description to-R2;
family inet {
address 10.0.0.1/30;
}
family iso;
}
}
fe-1/2/1 {
unit 0 {
description to-R4;
family inet {
address 10.0.0.5/30;
}
family iso;
}
}
fe-1/2/2 {
unit 0 {
description to-R3;
family inet {
address 10.0.0.9/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 192.168.0.1/32;
}
family iso {
address 49.0002.0192.0168.0001.00;
}
}
}
user@R1# show protocols
isis {
interface fe-1/2/0.0 {
mesh-group 1;
}
interface fe-1/2/1.0 {
mesh-group 1;
237
}
interface fe-1/2/2.0 {
mesh-group 1;
}
interface lo0.0;
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
238
Meaning
Mesh group: 1 in the output shows that the mesh group is enabled as expected.
Action
Verify that the number of link-state PDUs received and sent is less than what it would
be if the mesh group were not enabled.
From operational mode, enter the show isis statistics command.
user@R1> show isis statistics
IS-IS statistics for tp5-R1:
PDU type
Received
Processed
LSP
73
73
IIH
4463
85
CSNP
1294
1294
PSNP
0
0
Unknown
0
0
Totals
5830
1452
Drops
0
0
0
0
0
0
Sent
37
1525
0
2
0
1564
Rexmit
0
0
0
0
0
0
Meaning
Related
Documentation
After the adjacencies have been up for about 38 minutes, the output shows that Device
R1 has received 73 link-state PDUs and sent 37 link-state PDUs. In the same topology in
the same amount of time without the mesh group enabled, Device R1 would have received
roughly 156 link-state PDUs and sent roughly 117 link-state PDUs.
239
240
CHAPTER 10
CLNS Overview
Requirements
Before you begin, configure the network interfaces. See the Junos OS Interfaces
Configuration Guide for Security Devices.
Overview
The configuration instructions in this topic describe how to create a routing instance
called aaaa, enable IS-IS on all interfaces, define the BGP export policy name (dist-bgp),
family (ISO), and protocol (BGP), and apply the export policy to IS-IS.
241
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set routing-instances aaaa protocols isis clns-routing
set routing-instances aaaa protocols isis interface all
set routing-instances aaaa protocols isis no-ipv4-routing no-ipv6-routing
set policy-options policy-statement dist-bgp from family iso protocol bgp
set policy-options policy-statement dist-bgp then accept
set routing-instances aaaa protocols isis export dist-bgp
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS for CLNS:
1.
2.
3.
(Optional) Disable IPv4 and IPv6 routing to configure a pure CLNS network.
[edit routing-instances aaaa]
user@host# set protocols isis no-ipv4-routing no-ipv6-routing
4.
5.
6.
Results
242
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Verify that the expected ISO routes are displayed in the IS-IS routing table.
From operational mode, enter the show isis route command.
Related
Documentation
243
244
CHAPTER 11
Example: Configuring IS-IS on Logical Systems Within the Same Router on page 247
Example: Configuring an IS-IS Default Route Policy on Logical Systems on page 257
The concept of logical systems breaks with this tradition. With the Junos operating
system (Junos OS), you can partition a single router into multiple logical devices that
perform independent routing tasks. Because logical systems perform a subset of the
tasks once handled by the main router, logical systems offer an effective way to maximize
the use of a single routing or switching platform.
NOTE: Beginning with Junos OS Release 9.3, the logical router feature has
been renamed logical system.
All configuration statements, operational commands, show command output,
error messages, log messages, and SNMP MIB objects that contain the string
logical-router have been changed to logical-system.
Traditionally, service provider network design requires multiple layers of switches and
routers. These devices transport packet traffic between customers. As seen on the left
side of Figure 29 on page 246, access devices are connected to edge devices, which are
in turn connected to core devices.
However, this complexity can lead to challenges in maintenance, configuration, and
operation. To reduce such complexity, Juniper Networks supports logical systems. Logical
systems perform a subset of the actions of the main router and have their own unique
routing tables, interfaces, policies, and routing instances. As shown on the right side of
245
Figure 29 on page 246, a set of logical systems within a single router can handle the
functions previously performed by several small routers.
g016932
Router 1
Figure 30 on page 246 shows the Junos OS architecture without logical systems configured.
Figure 31 on page 247 shows the Junos OS architecture when logical systems are configured.
Note that each logical system runs its own routing protocol process (rpd).
Routing Tables
Family: y
Family: x
Family: inet
CLI
Routing
Protocol
Process
Forwarding
Table
Forwarding
Table
Packet
Forwarding
Engine
246
MGD
Interface
Process
Chassis
Process
Kernel
Interface
Process
Distributed
ASICs
Microkernel
Chassis
Process
g040563
Routing
Engine
CLI
Irmuxd
RPD
Main
RPD
LS1
Family: y
Family: x
Family: inet
RPD
LSn
LS1/Family: y
LS1/Family: x
LS1/Family: inet
Kernel
Distributed
ASICs
Interface
Process
Packet
Forwarding
Engine
Related
Documentation
Chassis
Process
LSn/Family: y
LSn/Family: x
LSn/Family: inet
Forwarding
Table
Forwarding
Table
Interface
Process
Microkernel
Chassis
Process
g040564
Routing Tables
MGD
Requirements
You must connect the logical systems by using logical tunnel (lt) interfaces. See Example:
Connecting Logical Systems Within the Same Router Using Logical Tunnel Interfaces.
Overview
This example shows an IS-IS configuration with three logical systems running on one
physical router. Each logical system has its own routing table. The configuration enables
the protocol on all logical tunnel interfaces that participate in the IS-IS domain.
Figure 32 on page 248 shows the sample network.
247
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set logical-systems LS1 interfaces lt-0/1/0 unit 2 description LS1->LS2
set logical-systems LS1 interfaces lt-0/1/0 unit 2 encapsulation ethernet
set logical-systems LS1 interfaces lt-0/1/0 unit 2 peer-unit 1
set logical-systems LS1 interfaces lt-0/1/0 unit 2 family inet address 10.0.0.1/30
set logical-systems LS1 interfaces lt-0/1/0 unit 2 family iso
set logical-systems LS1 interfaces lt-0/1/0 unit 0 description LS1->LS3
set logical-systems LS1 interfaces lt-0/1/0 unit 0 encapsulation ethernet
set logical-systems LS1 interfaces lt-0/1/0 unit 0 peer-unit 5
set logical-systems LS1 interfaces lt-0/1/0 unit 0 family inet address 10.0.1.2/30
set logical-systems LS1 interfaces lt-0/1/0 unit 0 family iso
set logical-systems LS1 interfaces lo0 unit 1 family iso address 49.0001.1720.1600.1001.00
set logical-systems LS1 protocols isis interface lt-0/1/0.0
set logical-systems LS1 protocols isis interface lt-0/1/0.2
set logical-systems LS1 protocols isis interface lo0.1 passive
set logical-systems LS2 interfaces lt-0/1/0 unit 1 description LS2->LS1
set logical-systems LS2 interfaces lt-0/1/0 unit 1 encapsulation ethernet
set logical-systems LS2 interfaces lt-0/1/0 unit 1 peer-unit 2
set logical-systems LS2 interfaces lt-0/1/0 unit 1 family inet address 10.0.0.2/30
set logical-systems LS2 interfaces lt-0/1/0 unit 1 family iso
set logical-systems LS2 interfaces lt-0/1/0 unit 4 description LS2->LS3
set logical-systems LS2 interfaces lt-0/1/0 unit 4 encapsulation ethernet
set logical-systems LS2 interfaces lt-0/1/0 unit 4 peer-unit 3
set logical-systems LS2 interfaces lt-0/1/0 unit 4 family inet address 10.0.2.2/30
set logical-systems LS2 interfaces lt-0/1/0 unit 4 family iso
248
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure IS-IS on logical systems:
1.
Configure the logical tunnel interface on Logical System LS1 connecting to Logical
System LS2.
[edit logical-systems LS1]
user@host# set interfaces lt-0/1/0 unit 2 description LS1->LS2
user@host# set interfaces lt-0/1/0 unit 2 encapsulation ethernet
user@host# set interfaces lt-0/1/0 unit 2 peer-unit 1
user@host# set interfaces lt-0/1/0 unit 2 family inet address 10.0.0.1/30
user@host# set interfaces lt-0/1/0 unit 2 family iso
2.
Configure the logical tunnel interface on Logical System LS1 connecting to Logical
System LS3.
[edit logical-systems LS1]
user@host# set interfaces lt-0/1/0 unit 0 description LS1->LS3
user@host# set interfaces lt-0/1/0 unit 0 encapsulation ethernet
user@host# set interfaces lt-0/1/0 unit 0 peer-unit 5
user@host# set interfaces lt-0/1/0 unit 0 family inet address 10.0.1.2/30
user@host# set interfaces lt-0/1/0 unit 0 family iso
3.
Configure the logical tunnel interface on Logical System LS2 connecting to Logical
System LS1.
[edit logical-systems LS2]
user@host# set interfaces lt-0/1/0 unit 1 description LS2->LS1
user@host# set interfaces lt-0/1/0 unit 1 encapsulation ethernet
user@host# set interfaces lt-0/1/0 unit 1 peer-unit 2
user@host# set interfaces lt-0/1/0 unit 1 family inet address 10.0.0.2/30
user@host# set interfaces lt-0/1/0 unit 1 family iso
249
4.
Configure the logical tunnel interface on Logical System LS2 connecting to Logical
System LS3.
[edit logical-systems LS2]
user@host# set interfaces lt-0/1/0 unit 4 description LS2->LS3
user@host# set interfaces lt-0/1/0 unit 4 encapsulation ethernet
user@host# set interfaces lt-0/1/0 unit 4 peer-unit 3
user@host# set interfaces lt-0/1/0 unit 4 family inet address 10.0.2.2/30
user@host# set interfaces lt-0/1/0 unit 4 family iso
5.
Configure the logical tunnel interface on Logical System LS3 connecting to Logical
System LS2.
[edit logical-systems LS3]
user@host# set interfaces lt-0/1/0 unit 3 description LS3->LS2
user@host# set interfaces lt-0/1/0 unit 3 encapsulation ethernet
user@host# set interfaces lt-0/1/0 unit 3 peer-unit 4
user@host# set interfaces lt-0/1/0 unit 3 family inet address 10.0.2.1/30
user@host# set interfaces lt-0/1/0 unit 3 family iso
6.
Configure the logical tunnel interface on Logical System LS3 connecting to Logical
System LS1.
[edit logical-systems LS3]
user@host# set interfaces lt-0/1/0 unit 5 description LS3->LS1
user@host# set interfaces lt-0/1/0 unit 5 encapsulation ethernet
user@host# set interfaces lt-0/1/0 unit 5 peer-unit 0
user@host# set interfaces lt-0/1/0 unit 5 family inet address 10.0.1.1/30
user@host# set interfaces lt-0/1/0 unit 5 family iso
7.
Configure the ISO address on the loopback interface for the three logical systems.
[edit logical-systems LS1]
user@host# set interfaces lo0 unit 1 family iso address 49.0001.1720.1600.1001.00
user@host# set protocols isis interface lo0.1 passive
[edit logical-systems LS2]
user@host# set interfaces lo0 unit 2 family iso address 49.0001.1720.1600.2002.00
user@host# set protocols isis interface lo0.2 passive
[edit logical-systems LS3]
user@host# set interfaces lo0 unit 3 family iso address 49.0001.1234.1600.2231.00
user@host# set protocols isis interface lo0.3 passive
8.
9.
250
user@host# commit
Results
From configuration mode, confirm your configuration by issuing the show logical-systems
command. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
user@host# show logical-systems
LS1 {
interfaces {
lt-0/1/0 {
unit 0 {
description LS1->LS3;
encapsulation ethernet;
peer-unit 5;
family inet {
address 10.0.1.2/30;
}
family iso;
}
unit 2 {
description LS1->LS2;
encapsulation ethernet;
peer-unit 1;
family inet {
address 10.0.0.1/30;
}
family iso;
}
}
lo0 {
unit 1 {
family iso {
address 49.0001.1720.1600.1001.00;
}
}
}
}
protocols {
isis {
interface lt-0/1/0.0;
interface lt-0/1/0.2;
interface lo0.1 {
passive;
}
}
}
}
LS2 {
interfaces {
lt-0/1/0 {
unit 1 {
description LS2->LS1;
encapsulation ethernet;
peer-unit 2;
family inet {
address 10.0.0.2/30;
}
family iso;
251
}
unit 4 {
description LS2->LS3;
encapsulation ethernet;
peer-unit 3;
family inet {
address 10.0.2.2/30;
}
family iso;
}
}
lo0 {
unit 2 {
family iso {
address 49.0001.1720.1600.2002.00;
}
}
}
}
protocols {
isis {
interface lt-0/1/0.1;
interface lt-0/1/0.4;
interface lo0.2 {
passive;
}
}
}
}
LS3 {
interfaces {
lt-0/1/0 {
unit 3 {
description LS3->LS2;
encapsulation ethernet;
peer-unit 4;
family inet {
address 10.0.2.1/30;
}
family iso;
}
unit 5 {
description LS3->LS1;
encapsulation ethernet;
peer-unit 0;
family inet {
address 10.0.1.1/30;
}
family iso;
}
}
lo0 {
unit 3 {
family iso {
address 49.0001.1234.1600.2231.00;
}
}
}
}
protocols {
252
isis {
interface lt-0/1/0.3;
interface lt-0/1/0.5;
interface lo0.3 {
passive;
}
}
}
}
Verification
Confirm that the configuration is working properly.
Action
Local
Remote
10.0.1.2/30
10.0.0.2/30
10.0.0.1/30
10.0.2.1/30
10.0.2.2/30
10.0.1.1/30
Make sure that the IS-IS adjacencies are established by checking the logical system
routing entries and by pinging the logical systems.
253
Action
10.0.2.0/30
10.0.2.2/32
10.0.1.0/30
10.0.1.1/32
10.0.2.0/30
254
10.0.2.1/32
255
Related
Documentation
Example: Connecting Logical Systems Within the Same Router Using Logical Tunnel
Interfaces
256
route if it is configured and active in the routing table. To be active, the configured next-hop
address must be reachable.
Administrators generally point the default route toward the routing device that has a
connection to a network service provider. Therefore, packets with destinations outside
the organization's local area network, typically destinations on the Internet or a wide
area network, are forwarded to the routing device with the connection to that provider.
The device to which the default route points is often called the default gateway.
Related
Documentation
Example: Configuring an IS-IS Default Route Policy on Logical Systems on page 257
Requirements
No special configuration beyond device initialization is required before configuring this
example.
Overview
This example shows a logical system redistributing a default route to other logical systems.
All logical systems are running IS-IS. A common reason for a default route is to provide
a path for sending traffic destined outside the IS-IS domain.
In this example, the default route is not used for forwarding traffic. The no-install
statement prevents the route from being installed in the forwarding table of Logical
System LS3. If you configure a route so it is not installed in the forwarding table, the route
is still eligible to be exported from the routing table to other protocols. The discard
statement silently drops packets without notice.
Figure 33 on page 258 shows the sample network.
257
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set logical-systems LS3 interfaces lt-1/2/0 unit 3 description LS3->LS2
set logical-systems LS3 interfaces lt-1/2/0 unit 3 encapsulation ethernet
set logical-systems LS3 interfaces lt-1/2/0 unit 3 peer-unit 4
set logical-systems LS3 interfaces lt-1/2/0 unit 3 family inet address 10.0.2.1/30
set logical-systems LS3 interfaces lt-1/2/0 unit 3 family iso
set logical-systems LS3 interfaces lt-1/2/0 unit 5 description LS3->LS1
set logical-systems LS3 interfaces lt-1/2/0 unit 5 encapsulation ethernet
set logical-systems LS3 interfaces lt-1/2/0 unit 5 peer-unit 0
set logical-systems LS3 interfaces lt-1/2/0 unit 5 family inet address 10.0.1.1/30
set logical-systems LS3 interfaces lt-1/2/0 unit 5 family iso
set logical-systems LS3 interfaces lo0 unit 3 family iso address 49.0001.1234.1600.2231.00
set logical-systems LS3 protocols isis export isis-default
set logical-systems LS3 protocols isis interface lt-1/2/0.3
set logical-systems LS3 protocols isis interface lt-1/2/0.5
set logical-systems LS3 protocols isis interface lo0.3 passive
set logical-systems LS3 routing-options static route 0.0.0.0/0 discard
set logical-systems LS3 routing-options static route 0.0.0.0/0 no-install
set logical-systems LS3 policy-options policy-statement isis-default from protocol static
set logical-systems LS3 policy-options policy-statement isis-default from route-filter
0.0.0.0/0 exact
set logical-systems LS3 policy-options policy-statement isis-default then accept
258
Step-by-Step
Procedure
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure an IS-IS default route policy on logical systems:
1.
2.
3.
4.
5.
6.
Results
From configuration mode, confirm your configuration by issuing the show logical-systems
LS3 command. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
259
260
}
}
Verification
Confirm that the configuration is working properly.
Make sure that the IS-IS policy is working by checking the routing tables.
261
Action
10.0.1.0/30
10.0.1.1/32
10.0.2.0/30
10.0.2.1/32
*[Static/5] 00:00:45
Discard
*[IS-IS/15] 1w0d 10:14:14, metric 20
to 10.0.2.2 via lt-1/2/0.3
> to 10.0.1.2 via lt-1/2/0.5
*[Direct/0] 1w0d 10:15:18
> via lt-1/2/0.5
*[Local/0] 1w0d 10:15:18
Local via lt-1/2/0.5
*[Direct/0] 1w0d 10:15:18
> via lt-1/2/0.3
*[Local/0] 1w0d 10:15:18
Local via lt-1/2/0.3
10.0.2.0/30
10.0.2.2/32
262
10.0.1.0/30
10.0.1.2/32
10.0.2.0/30
Meaning
Related
Documentation
The routing table on Logical System LS3 contains the default 0.0.0.0/0 route from
protocol Static. The routing tables on Logical System LS1 and Logical System LS2 contain
the default 0.0.0.0/0 route from protocol IS-IS. If Logical System LS1 and Logical System
LS2 receive packets destined for networks not specified in their routing tables, those
packets will be sent to Logical System LS3 for further processing. This configuration
assumes that Logical System LS3 has a connection to an ISP or another external network.
263
264
PART 3
265
266
CHAPTER 12
Monitoring Networks
Requirements
You must have the view privilege.
Overview
To configure global routing protocol tracing, include the traceoptions statement at the
[edit routing-options] hierarchy level:
traceoptions {
file filename <files number> <size size> <world-readable | no-world-readable>;
flag flag <disable>;
}
The flags in a traceoptions flag statement are identifiers. When you use the set command
to configure a flag, any flags that might already be set are not modified. In the following
example, setting the timer tracing flag has no effect on the already configured task flag.
Use the delete command to delete a particular flag.
[edit routing-options traceoptions]
user@host# show
flag task;
user@host# set traceoptions flag timer
user@host# show
flag task;
flag timer;
user@host# delete traceoptions flag task
user@host# show
267
flag timer;
This example shows how to configure and view a trace file that tracks changes in the
routing table. The steps can be adapted to apply to trace operations for any Junos OS
hierarchy level that supports trace operations.
TIP: To view a list of hierarchy levels that support tracing operations, enter
the help apropos traceoptions command in configuration mode.
Configuration
CLI Quick
Configuration
To quickly configure this example, copy the following commands, paste them into a text
file, remove any line breaks, change any details necessary to match your network
configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy
level.
set routing-options traceoptions file routing-table-changes
set routing-options traceoptions file size 10m
set routing-options traceoptions file files 10
set routing-options traceoptions flag route
set routing-options static route 1.1.1.2/32 next-hop 10.0.45.6
The following example requires you to navigate various levels in the configuration
hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration
Mode in the CLI User Guide.
To configure the trace operations:
1.
2.
3.
268
2.
3.
4.
View the tracing operations in real time by running the monitor start command with
an optional match condition.
user@host> monitor start routing-table-changes | match 1.1.1.2
Aug 10 19:21:40.773467 BGP RECV
0.0.0.0/0
Aug 10 19:21:40.773685 bgp_rcv_nlri: 0.0.0.0/0
Aug 10 19:21:40.773778 bgp_rcv_nlri: 0.0.0.0/0 belongs to meshgroup
Aug 10 19:21:40.773832 bgp_rcv_nlri: 0.0.0.0/0 qualified bnp->ribact 0x0
l2afcb 0x0
5.
269
Halt the monitor command by pressing Enter and typing monitor stop.
[Enter]
user@host> monitor stop
7.
When you are finished troubleshooting, consider deactivating trace logging to avoid
any unnecessary impact to system resources.
When configuration is deactivated, it appears in the configuration with the inactive
tag.
[edit routing-options]
user@host# deactivate traceoptions
user@host# commit
[edit routing-options]
user@host# show
inactive: traceoptions {
file routing-table-changes size 10m files 10;
flag route;
}
static {
inactive: route 1.1.1.2/32 next-hop 10.0.45.6;
}
8.
Results
From configuration mode, confirm your configuration by entering the show routing-options
command. If the output does not display the intended configuration, repeat the
instructions in this example to correct the configuration.
user@host# show routing-options
traceoptions {
file routing-table-changes size 10m files 10;
flag route;
}
static {
route 1.1.1.2/32 next-hop 10.0.45.6;
}
Verification
Confirm that the configuration is working properly.
270
Make sure that events are being written to the log file.
Action
Related
Documentation
CLI Explorer
271
272
CHAPTER 13
Taking Appropriate Action for Resolving the Network Problem on page 277
Evaluating the Solution to Check Whether the Network Problem Is Resolved on page 277
Table 7: Checklist
Solution
for Working with Problems on Your Network
Tasks
Command or Action
[edit]
delete routing options static route destination-prefix
commit and-quit
show route destination-prefix
273
Before you embark on the four-step process, however, it is important that you are prepared
for the inevitable problems that occur on all networks. While you might find a solution
to a problem by simply trying a variety of actions, you can reach an appropriate solution
more quickly if you are systematic in your approach to the maintenance and monitoring
of your network. To prepare for problems on your network, understand how the network
functions under normal conditions, have records of baseline network activity, and carefully
observe the behavior of your network during a problem situation.
Figure 35 on page 274 shows the network topology used in this topic to illustrate the
process of diagnosing problems in a network.
lo0: .1
R1
so-0/0/1.15.1
Aggregate Routes:
100.100.1.0/24
100.100.2.0/24
100.100.3.0/24
100.100.4.0/24
so-0/0/0.12.2
so-0/0/0.12.1
AS 65002
lo0: .3
lo0: .2
R2
so-0/0/1.23.1
so-0/0/1.23.2
so-0/0/2.26.1
R3
so-0/0/3.36.1
so-0/0/1.15.2
so-0/0/3.36.2
R6
lo0: .5
lo0: .6
Key:
so-0/0/X: 10.1.x.x/30
lo0: 10.0.0.x/32
g003255
so-0/0/2.26.2
R5
I-BGP
E-BGP
The network in Figure 35 on page 274 consists of two autonomous systems (ASs). AS
65001 includes two routers, and AS 65002 includes three routers. The border router (R1)
in AS 65001 announces aggregated prefixes 100.100/24 to the AS 65002 network. The
274
problem in this network is that R6 does not have access to R5 because of a loop between
R2 and R6.
To isolate a failed connection in your network, follow these steps:
Description: The symptoms of a problem in your network are usually quite obvious, such
as the failure to reach a remote host.
Solution
To identify the symptoms of a problem on your network, start at one end of your network
and follow the routes to the other end, entering all or one of the following Junos OS
command-line interfaces (CLI) operational mode commands:
user@host> ping (ip-address | host-name)
user@host> show route (ip-address | host-name)
user@host> traceroute (ip-address | host-name)
Sample Output
user@R6> ping 10.0.0.5
PING 10.0.0.5 (10.0.0.5): 56 data bytes
36 bytes from 10.1.26.1: Time to live exceeded
Vr HL TOS Len
ID Flg off TTL Pro cks
Src
4 5 00 0054 e2db
0 0000 01 01 a8c6 10.1.26.2
Dst
10.0.0.5
Dst
10.0.0.5
Dst
10.0.0.5
^C
--- 10.0.0.5 ping statistics --3 packets transmitted, 0 packets received, 100% packet loss
user@R6> show route 10.0.0.5
inet.0: 20 destinations, 20 routes (20 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.5/32
Meaning
The sample output shows an unsuccessful ping command in which the packets are being
rejected because the time to live is exceeded. The output for the show route command
275
shows the interface (10.1.26.1) that you can examine further for possible problems. The
traceroute command shows the loop between 10.1.26.1 (R2) and 10.1.26.2 (R6), as indicated
by the continuous repetition of the two interface addresses.
Description: A particular symptom can be the result of one or more causes. Narrow down
the focus of your search to find each individual cause of the unwanted behavior.
Solution
To isolate the cause of a particular problem, enter one or all of the following Junos OS
CLI operational mode command:
To isolate the cause of a particular problem, enter one or all of the following Junos OS
CLI operational mode command:
user@host> show < configuration | bgp | interfaces | isis | ospf | route >
Your particular problem may require the use of more than just the commands listed
above. See the appropriate command reference for a more exhaustive list of commonly
used operational mode commands.
Sample Output
user@R6> show interfaces terse
Interface
Admin Link Proto
so-0/0/0
up
up
so-0/0/0.0
up
up
inet
iso
so-0/0/2
up
up
so-0/0/2.0
up
up
inet
iso
so-0/0/3
up
up
so-0/0/3.0
up
up
inet
iso
[...Output truncated...]
Local
Remote
10.1.56.2/30
10.1.26.2/30
10.1.36.2/30
*[Static/5] 00:16:21
> to 10.1.26.2 via so-0/0/2.0
[BGP/170] 3d 20:23:35, MED 5, localpref 100
AS path: 65001 I
> to 10.1.12.1 via so-0/0/0.0
Meaning
The sample output shows that all interfaces on R6 are up. The output from R2 shows
that a static route [Static/5] configured on R2 points to R6 (10.1.26.2) and is the preferred
route to R5 because of its low preference value. However, the route is looping from R2
to R6, as indicated by the missing reference to R5 (10.1.15.2).
276
Description: The appropriate action depends on the type of problem you have isolated.
In this example, a static route configured on R2 is deleted from the [routing-options]
hierarchy level. Other appropriate actions might include the following:
Solution
To resolve the problem in this example, enter the following Junos OS CLI commands:
[edit]
user@R2# delete routing-options static route destination-prefix
user@R2# commit and-quit
user@R2# show route destination-prefix
Sample Output
[edit]
user@R2# delete routing-options static route 10.0.0.5/32
[edit]
user@R2# commit and-quit
commit complete
Exiting configuration mode
user@R2> show route 10.0.0.5
inet.0: 22 destinations, 24 routes (22 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.5/32
Meaning
The sample output shows the static route deleted from the [routing-options] hierarchy
and the new configuration committed. The output for the show route command now
shows the BGP route as the preferred route, as indicated by the asterisk (*).
Description: If the problem is solved, you are finished. If the problem remains or a new
problem is identified, start the process over again.
You can address possible causes in any order. In relation to the network in Isolating a
Broken Network Connection on page 274, we chose to work from the local router toward
the remote router, but you might start at a different point, particularly if you have reason
277
to believe that the problem is related to a known issue, such as a recent change in
configuration.
Solution
Sample Output
user@R6> show route 10.0.0.5
inet.0: 20 destinations, 20 routes (20 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.5/32
Meaning
The sample output shows that there is now a connection between R6 and R5. The show
route command shows that the BGP route to R5 is preferred, as indicated by the asterisk
(*). The ping command is successful and the traceroute command shows that the path
from R6 to R5 is through R2 (10.1.26.1), and then through R1 (10.1.12.1).
278
CHAPTER 14
Troubleshooting IS-IS
If your MPLS network is configured with IS-IS as the interior gateway protocol (IGP), and
the output of the show mpls lsp extensive command shows that there is a problem, check
the IP and IS-IS layers. Because IS-IS and IP are independent of each other, you can check
either layer first. For more information about checking the IP layer, see Verifying the IP
Layer.
After you have checked the IP layer and determined that there is still a problem, check
the IS-IS layer, verify that IS-IS adjacencies are up, and make sure that the interfaces
and IS-IS protocol are configured correctly.
279
Action
Confirm that interfaces are configured for IS-IS, that the IS-IS protocol is configured
correctly, and that adjacencies are established.
To verify the label-switched path (LSP), enter the following command on the ingress,
transit, and egress routers:
user@host> show mpls lsp extensive
Sample Output 1
user@R1> show mpls lsp extensive
Ingress LSP: 1 sessions
10.0.0.6
From: 10.0.0.1, State: Dn, ActiveRoute: 0 , LSPname: R1-to-R6
ActivePath: (none)
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
Primary
State: Dn
24 Oct 21 13:48:01 No Route toward dest [3 times]
23 Oct 21 13:47:44 Deselected as active
22 Oct 21 13:47:43 No Route toward dest[2 times]
21 Oct 21 13:47:43 ResvTear received
20 Oct 21 13:47:43 Down
19 Oct 21 13:47:43 10.1.13.2: No Route toward dest[2 times]
18 Oct 21 13:47:38 Record Route: 10.1.13.2 10.1.36.2
[...Output truncated...]
Created: Tue Oct 19 21:22:53 2004
Total 1 displayed, Up 0, Down 1
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Sample Output 2
user@R3> show mpls lsp extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
280
Sample Output 3
user@R6> show mpls lsp extensive
Ingress LSP: 1 sessions
10.0.0.1
From: 10.0.0.6, State: Dn, ActiveRoute: 0 , LSPname: R6-to-R1
ActivePath: (none)
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
Primary
State: Dn
Will be enqueued for recomputation in 3 second(s).
13 Oct 21 14:23:33 CSPF failed: no route toward 10.0.0.1[90 times]
12 Oct 21 13:39:56 Deselected as active
11 Oct 21 13:39:56 CSPF: could not determine self
[...Output truncated...]
Created: Tue Oct 19 22:28:30 2004
Total 1 displayed, Up 0, Down 1
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Meaning
The sample output shows that LSP R1-to-R6 and the reverse LSP R6-to-R1 are down,
and there are no LSP sessions on transit router R3.
When you check the IS-IS layer, you verify that IS-IS adjacencies are up and that the IS-IS
interfaces are included at the protocol level.
Action
To verify the functioning of adjacent interfaces, enter the following commands from the
relevant routers:
user@host> show isis adjacency
user@host> show isis interface
Sample Output 1
user@R1> show isis adjacency
Interface
System
so-0/0/0.0
R2
so-0/0/1.0
R5
so-0/0/2.0
R3
user@R3> show isis adjacency
Interface
System
so-0/0/0.0
R4
so-0/0/1.0
R2
so-0/0/2.0
R1
so-0/0/3.0
R6
2 Down
L
2
2
2
State
Up
Up
Up
L
2
2
2
State
Up
Up
Up
281
Sample Output 2
user@R1> show isis interface
IS-IS interface database:
Interface
L CirID
lo0.0
0
0x1
so-0/0/0.0
2
0x1
so-0/0/1.0
2
0x1
so-0/0/2.0
2
0x1
Level 1 DR
Passive
Disabled
Disabled
Disabled
Level 2 DR
Passive
Point to Point
Point to Point
Point to Point
L1/L2 Metric
0/0
10/10
10/10
10/10
Level 1 DR
Passive
Disabled
Disabled
Disabled
Disabled
Level 2 DR
Passive
Point to Point
Point to Point
Point to Point
Point to Point
L1/L2 Metric
0/0
10/10
10/10
10/10
10/10
Meaning
Level 2 DR
Passive
Disabled
Disabled
Disabled
Disabled
L1/L2 Metric
0/0
10/10
10/10
10/10
10/10
Sample Output 1 shows that ingress router R1 has established adjacencies with the
relevant routers. Transit router R3 does not have an adjacency with egress router R6, and
egress router R6 has no adjacencies established in the network shown in MPLS Network
Broken at the IP and IGP Layers, indicating that the problem might be at the IS-IS protocol
level.
Sample Output 2 shows that R1 and R2 are Level 2 routers, in contrast to R6 which is a
Level 1 router. When a router is configured explicitly as a Level 1 or Level 2 router, it does
not communicate with routers configured at a different level. Level 1 routers communicate
with other Level 1 routers within their area, while Level 2 routers communicate with other
Level 2 routers, and toward other autonomous systems. Because all the routers in this
network are configured for Level 2, they cannot form an adjacency with R6, which is
incorrectly configured as a Level 1 router.
When you have determined that the problem is probably at the IS-IS protocol level, check
the IS-IS configuration of the routers in your network.
Action
To verify the IS-IS configuration, enter the following command from the relevant routers:
user@host> show configuration protocols isis
282
Sample Output
user@R1> show configuration protocols isis
level 1 disable;
interface so-0/0/0.0;
interface so-0/0/1.0;
interface so-0/0/2.0;
interface lo0.0; {
passive
user@R3> show configuration protocols isis
level 1 disable;
interface all {
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
interface lo0.0; {
passive
user@R6> show configuration protocols isis
level 2 disable; <<< Incorrect level disabled
interface all {
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
interface lo0.0; {
passive
Meaning
The sample output shows that R6 has Level 2 disabled, while R1 and R3 have Level 1
disabled. For IS-IS adjacencies to establish, routers need to be at the same level. Another
common configuration error is to omit the loopback interface (lo0) from the configuration
at the [edit protocols isis] hierarchy level. IS-IS does not function correctly if the loopback
interface (lo0) is not configured at this level. In addition, including the passive statement
ensures that protocols are not run over the loopback interface (lo0) and that the loopback
interface (lo0) is advertised correctly throughout the network.
Description: Depending on the error you encountered in your investigation, you must take
the appropriate action to correct the problem. In the example below, the routers are
configured to function at different levels of the IS-IS protocol.
Solution
283
Sample Output
Meaning
L
2
2
2
2
State
Up
Up
Up
Up
The sample output shows that the configuration error on egress router R6 has been
corrected, and IS-IS adjacencies are now established.
Action
After taking the appropriate action to correct the error, the label-switched path (LSP)
needs to be checked again to confirm that the problem in the RSVP layer has been
resolved.
To verify that the LSP is up and traversing the network as expected, enter the following
command from the ingress, egress, and transit routers:
user@host> show mpls lsp extensive
284
Sample Output 1
user@R1> show mpls lsp extensive
Ingress LSP: 1 sessions
10.0.0.6
From: 10.0.0.1, State: Up, ActiveRoute: 1 , LSPname: R1-to-R6
ActivePath: (primary)
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
*Primary
State: Up
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 20)
10.1.13.2 S 10.1.36.2 S
Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt):
10.1.13.2 10.1.36.2
5 Oct 21 15:52:07 Selected as active path
4 Oct 21 15:52:07 Record Route: 10.1.13.2 10.1.36.2
3 Oct 21 15:52:07 Up
2 Oct 21 15:52:07 Originate Call
1 Oct 21 15:52:07 CSPF: computation result accepted
Created: Thu Oct 21 15:52:06 2004
Total 1 displayed, Up 1 , Down 0
Egress LSP: 1 sessions
10.0.0.1
From: 10.0.0.6, LSPstate: Up, ActiveRoute: 0
LSPname: R6-to-R1 , LSPpath: Primary
Suggested label received: -, Suggested label sent: Recovery label received: -, Recovery label sent: Resv style: 1 FF, Label in: 3, Label out: Time left: 142, Since: Thu Oct 21 15:41:59 2004
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Port number: sender 2 receiver 39082 protocol 0
PATH rcvfrom: 10.1.13.2 (so-0/0/2.0) 17 pkts
Adspec: received MTU 1500
PATH sentto: localclient
RESV rcvfrom: localclient
Record route: 10.1.36.2 10.1.13.2 <self>
Total 1 displayed, Up 1 , Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Sample Output 2
user@R3> show mpls lsp extensive
Ingress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Egress LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Transit LSP: 2 sessions
10.0.0.1
From: 10.0.0.6, LSPstate: Up, ActiveRoute: 1
LSPname: R6-to-R1 , LSPpath: Primary
Suggested label received: -, Suggested label sent: -
285
Sample Output 3
user@R6> show mpls lsp extensive
Ingress LSP: 1 sessions
10.0.0.1
From: 10.0.0.6, State: Up, ActiveRoute: 1, LSPname: R6-to-R1
ActivePath: (primary)
LoadBalance: Random
Encoding type: Packet, Switching type: Packet, GPID: IPv4
*Primary
State: Up
Computed ERO (S [L] denotes strict [loose] hops): (CSPF metric: 20)
10.1.36.1 S 10.1.13.1 S
Received RRO (ProtectionFlag 1=Available 2=InUse 4=B/W 8=Node 10=SoftPreempt):
10.1.36.1 10.1.13.1
18 Oct 21 15:34:18 Selected as active path
17 Oct 21 15:34:17 Record Route: 10.1.36.1 10.1.13.1
16 Oct 21 15:34:17 Up
15 Oct 21 15:34:17 Originate Call
14 Oct 21 15:34:17 CSPF: computation result accepted
[...Output truncated...]
Created: Tue Oct 19 22:28:30 2004
Total 1 displayed, Up 1, Down 0
Egress LSP: 1 sessions
10.0.0.6
From: 10.0.0.1, LSPstate: Up, ActiveRoute: 0
LSPname: R1-to-R6 , LSPpath: Primary
Suggested label received: -, Suggested label sent: Recovery label received: -, Recovery label sent: -
286
Resv style: 1 FF, Label in: 3, Label out: Time left: 126, Since: Thu Oct 21 15:44:25 2004
Tspec: rate 0bps size 0bps peak Infbps m 20 M 1500
Port number: sender 1 receiver 47963 protocol 0
PATH rcvfrom: 10.1.36.1 (so-0/0/3.0) 4 pkts
Adspec: received MTU 1500
PATH sentto: localclient
RESV rcvfrom: localclient
Record route: 10.1.13.1 10.1.36.1 <self>
Total 1 displayed, Up 1, Down 0
Transit LSP: 0 sessions
Total 0 displayed, Up 0, Down 0
Meaning
Sample Outputs 1 and 3 from ingress router R1 and egress router R6 show that the LSP
is now traversing the network along the expected path, from R1 through R3 to R6, and
the reverse LSP, from R6 through R3 to R1. In addition, Sample Output 2 from transit
router R3 shows that there are two transit LSP sessions, one from R1 to R6, and the other
from R6 to R1.
For IS-IS to run on a router (intermediate system) in your network, you must enable IS-IS
on the router, configure a network entity title (NET) on the loopback interface (lo0), and
configure family iso on all interfaces on which you want to run IS-IS. When you enable
IS-IS on a router, Level 1 and Level 2 are enabled by default.
Figure 37 on page 287 illustrates an example of routers at different levels in an IS-IS
topology.
287
The network in Figure 37 on page 287 is organized hierarchically and consists of Level 2,
Level 1/Level 2, and Level 1 routers in one autonomous system (AS) divided into four
areas: 49.0001, 49.0002, 49.0003, and 49.0004. The Level 2 routers route toward other
autonomous systems. The Level 1/Level 2 routers route between areas and to other
autonomous systems. The Level 1 routers route within an area, and when the destination
is outside the local area, they route toward a Level1/Level2 system.
In the following topics, the configuration of the various types of routers is examined.
Figure 38 on page 288 provides more details about the IS-IS network topology in
Figure 37 on page 287 so that you can verify the configuration output of the various routers.
To verify that IS-IS is configured correctly on routers at different levels, follow these
steps:
1.
288
The following output is for an IS-IS configuration on R2, a Level 1/Level 2 router in the
network shown.
Sample Output
[edit protocols isis]
user@R2# show
interface so-0/0/0.0 {
level 2 metric 10;
level 1 disable;
}
interface so-0/0/1.0 {
level 2 disable;
level 1 metric 10;
}
interface so-0/0/2.0 {
level 2 metric 10;
level 1 disable;
}
interface fxp0.0 {
disable;
}
interface lo0.0;
[edit protocols isis]
user@R2# run show isis interface
IS-IS interface database:
Interface
L CirID Level 1 DR
lo0.0
0
0x1 Passive
so-0/0/0.0
2
0x1 Disabled
so-0/0/1.0
3
0x1 Point to Point
so-0/0/2.0
2
0x1 Disabled
[edit interfaces]
user@R2# show
so-0/0/0 {
unit 0 {
family inet {
address 10.1.12.2/30;
}
family iso;
}
}
so-0/0/1 {
unit 0 {
family inet {
address 10.1.23.1/30;
}
family iso;
}
}
so-0/0/2 {
unit 0 {
family inet {
address 10.1.26.1/30;
}
Level 2 DR
Passive
Point to Point
Point to Point
Point to Point
L1/L2 Metric
0/0
10/10
10/10
10/10
289
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.0.2/32;
}
family iso {
address 49.0002.1000.0000.0002.00;
}
}
}
Meaning
The sample output shows a basic configuration of IS-IS on R2, a Level 1/Level 2 router.
The basic configuration is at the [edit protocols isis] and [edit interfaces] hierarchy levels.
At the [edit protocols isis] level, five interfaces are included: so-0/0/0, so-0/0/1, so-0/0/2,
fxp0, and the loopback interface (lo0). Two interfaces, so-0/0/0.0 and so-0/0/2.0,
have Level 1 disabled, making them Level 2 interfaces. One interface, so-0/0/1.0, has
Level 2 disabled, making it a Level 1 interface. The management interface (fxp0) is
disabled so that IS-IS packets are not sent over it, and the loopback interface (lo0) is
included because it becomes a point of connection from the router to the IS-IS network.
At the [edit interfaces] hierarchy level, all of the interfaces included in the [edit protocols
isis] hierarchy level are configured with family iso, and the loopback interface (lo0) is
configured with the NET address 49.0002.1000.0000.0002.00. Every router in an IS-IS
network must have at least one NET address that identifies a point of connection to the
IS-IS network. The NET address is generally configured on the loopback interface (lo0).
Routers that participate in multiple areas can have multiple NET addresses.
The following sample output is for R4, a Level 1 router in the network shown in The
following output is for an IS-IS configuration on R2, a Level 1/Level 2 router in the network
shown.
Sample Output
[edit protocols isis]
user@R4# show
level 2 disable;
interface so-0/0/2.0 {
level 1 metric 10;
}
290
interface fxp0.0 {
disable;
}
interface lo0.0;
[edit protocols isis]
user@R4# run show isis interface
IS-IS interface database:
Interface
L CirID Level 1 DR
lo0.0
0
0x1 Passive
so-0/0/2.0
1
0x1 Point to Point
[edit interfaces]
user@R4# show
so-0/0/2 {
unit 0 {
family inet {
address 10.1.45.1/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.0.4/32;
}
family iso {
address 49.0001.1000.0000.0004.00;
}
}
}
Meaning
Level 2 DR
Passive
Disabled
L1/L2 Metric
0/0
10/10
The sample output shows a basic configuration of IS-IS on R4, a Level 1 router. The basic
configuration is at the [edit protocols isis] and [edit interfaces] hierarchy levels.
At the [edit protocols isis] hierarchy level, three interfaces are included: so-0/0/2.0, fxp0,
and the loopback interface (lo0). Level 2 is disabled on the router, making it a Level 1
router that sends packets within its local area, 49.0001. When a packet destination is
outside the local area, R4 establishes an adjacency with the nearest Level 1/Level 2 router
(R5) that forwards the packets. For more information about adjacencies, see Displaying
the Status of IS-IS Adjacencies on page 293.
One interface, so-0/0/2.0, is configured for IS-IS. The management interface (fxp0) is
disabled so that IS-IS packets are not sent over it, and the loopback interface (lo0) is
included because it becomes a point of connection from the router to the IS-IS network.
At the [edit interfaces] hierarchy level, the interface included in the [edit protocols isis]
hierarchy level is also configured with family iso, and the loopback interface (lo0) is
configured with the NET address of 49.0001.1000.0000.0004.00. Every router in an
IS-IS network must have at least one NET address that identifies a point of connection
to the IS-IS network. The NET address is generally configured on the loopback interface
(lo0). Routers that participate in multiple areas can have multiple NET addresses.
291
Action
To check the configuration of a Level 2 router, enter the following CLI commands:
user@host# [edit protocols isis] show
user@host# [edit protocols isis] run show isis interface
user@host# [edit] edit interfaces
user@host# [edit interfaces] show
The following sample output is for R6, a Level 2 router in the network shown.
Sample Output
[edit protocols isis]
user@R6# show
level 1 disable;
interface so-0/0/0.0 {
level 2 metric 10;
}
interface so-0/0/2.0 {
level 2 metric 10;
}
interface fxp0.0 {
disable;
}
interface lo0.0;
[edit protocols isis]
user@R6# run show isis interface
IS-IS interface database:
Interface
L CirID
lo0.0
0
0x1
so-0/0/0.0
2
0x1
so-0/0/2.0
2
0x1
Level 1 DR
Passive
Disabled
Disabled
Level 2 DR
Passive
Point to Point
Point to Point
L1/L2 Metric
0/0
10/10
10/10
[edit interfaces]
user@R6# show
so-0/0/0 {
unit 0 {
family inet {
address 10.1.56.2/30;
}
family iso;
}
}
so-0/0/2 {
unit 0 {
family inet {
address 10.1.26.2/30;
}
family iso;
}
}
lo0 {
unit 0 {
family inet {
address 10.0.0.6/32;
}
family iso {
address 49.0003.1000.0000.0006.00;
}
}
}
292
Meaning
The sample output shows a basic configuration of IS-IS on R6, a Level 2 router. The basic
configuration is at the [edit protocols isis] and [edit interfaces] hierarchy levels.
At the [edit protocols isis] level, four interfaces are included: so-0/0/0.0, so-0/0/2.0,
fxp0, and the loopback interface (lo0). Level 1 is disabled on the two SONET/SDH
interfaces, making this a Level 2 router that routes between areas and toward other ASs.
The management interface (fxp0) is disabled so that IS-IS packets are not sent over it,
and the loopback interface (lo0) is included because it becomes a point of connection
from the router to the IS-IS network.
At the [edit interfaces] hierarchy level, the interfaces included in the [edit protocols isis]
hierarchy level are also configured with family iso, and the loopback interface (lo0) is
configured with the NET address of 49.0003.1000.0000.0006.00. Every router in an
IS-IS network must have at least one NET address that identifies a point of connection
to the IS-IS network. The NET address is generally configured on the loopback interface
(lo0). Routers that participate in multiple areas can have multiple NET addresses.
Related
Documentation
Assuming that all the routers are correctly configured for IS-IS, you can verify which
neighbors are adjacent and able to exchange IS-IS data. In addition, you can examine
the set of routes installed in the forwarding table to verify that the routing protocol process
(rpd) has relayed the correct information into the forwarding table.
Figure 39 on page 294 illustrates the example IS-IS topology used for the procedures in
this topic.
293
The network consists of Level 1 and Level 2 adjacencies. Level 1 adjacencies are within
areas 49.0001 and 49.0002. Level 2 adjacencies occur between all directly connected
Level 2 routers regardless of which area they are in. For example, R5 is in area 49.0001,
R6 is in area 49.0003, R1 is in area 49.0004, and R2 is in area 49.0002. The network in
Figure 39 on page 294 should have the following adjacencies:
Level 2 adjacencies between all directly connected Level 2 routers (R1, R2, R5, and R6).
Level 1 adjacencies between routers in area 49.0001 (R4 and R5) and between routers
in area 49.0002 (R2 and R3).
To verify that routers are adjacent and able to exchange IS-IS data, follow these steps:
user@host# show
For example:
[edit protocols isis traceoptions]
user@host# show
294
user@host# commit
4. View the contents of the file containing the detailed messages.
For example:
user@host# run show log isislog
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Nov
Meaning
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
29
23:17:50
23:17:50
23:17:53
23:17:54
23:17:54
23:17:54
23:17:54
23:17:54
23:17:54
23:17:54
23:17:54
23:17:54
23:17:54
23:17:55
23:17:55
23:17:55
23:17:55
23:17:55
23:17:55
23:17:55
23:17:55
23:17:55
23:17:55
started
on so-1/1/0.0
length 4469
on so-1/1/1.0
length 4469
Table 8 on page 295 lists tracing flags that can be configured specific to IS-IS and presents
example output for some of the flags.
Description
Example Output
csn
Complete sequence
number PDU (CSNP)
295
Description
Example Output
hello
Hello packet
Nov 28 20:13:50 Sending PTP IIH on so-1/1/1.0Nov 28 20:13:50 Received PTP IIH, source
id abc-core-01 on so-1/1/0.0Nov 28 20:13:53 Received PTP IIH, source id abc-core-02 on
so-1/1/1.0Nov 28 20:13:57 Sending PTP IIH on so-1/1/0.0Nov 28 20:13:58 Received PTP IIH,
source id abc-core-01 on so-1/1/0.0Nov 28 20:13:59 Sending PTP IIH on so-1/1/1.0
lsp
Link-state PDUs
(LSPs)
lsp-generation
Link-state PDU
generation packets
packets
Not available.
psn
Partial sequence
number PDU (PSNP)
packets
spf
Shortest-path-first
(SPF) calculations
Nov 28 20:44:01 Scheduling SPF for L1: ReconfigNov 28 20:44:01 Scheduling multicast
SPF for L1: ReconfigNov 28 20:44:01 Scheduling SPF for L2: ReconfigNov 28 20:44:01
Scheduling multicast SPF for L2: ReconfigNov 28 20:44:02 Running L1 SPFNov 28 20:44:02
L1 SPF initialization complete: 0.000099s cumulative timeNov 28 20:44:02 L1 SPF primary
processing complete: 0.000303s cumulative timeNov 28 20:44:02 L1 SPF result
postprocessing complete: 0.000497s cumulative timeNov 28 20:44:02 L1 SPF RIB
postprocessing complete: 0.000626s cumulative timeNov 28 20:44:02 L1 SPF routing
table postprocessing complete: 0.000736s cumulative time
Related
Documentation
296
user@host# show
For example:
[edit protocols isis traceoptions]
user@host# show
file isislog size 5m world-readable;
flag error;
flag lsp detail;
3. Commit the configuration.
user@host# commit
4. View the contents of the file containing the detailed messages.
For example:
user@host# run show log isislog
Nov 28 20:17:24 Received L2 LSP abc-core-01.00-00, interface so-1/1/0.0
Nov 28 20:17:24
from abc-core-01
Nov 28 20:17:24
sequence 0x1c4f9, checksum 0x9fea, lifetime 1199
Nov 28 20:17:24
max area 0, length 426
Nov 28 20:17:24
no partition repair, no database overload
Nov 28 20:17:24
IS type 3, metric type 0
Nov 28 20:17:24
area address 99.0908 (1)
Nov 28 20:17:24
speaks CLNP
Nov 28 20:17:24
speaks IP
Nov 28 20:17:24
dyn hostname abc-core-01
Nov 28 20:17:24
IP address 10.10.134.11
Nov 28 20:17:24
IP prefix: 10.10.10.0/30 metric 1 up
Nov 28 20:17:24
IP prefix: 10.10.10.4/30 metric 5 up
Nov 28 20:17:24
IP prefix: 10.10.10.56/30 metric 5 up
Nov 28 20:17:24
IP prefix: 10.10.10.52/30 metric 1 up
Nov 28 20:17:24
IP prefix: 10.10.10.64/30 metric 5 up
Nov 28 20:17:24
IP prefix: 10.10.10.20/30 metric 5 up
Nov 28 20:17:24
IP prefix: 10.10.10.28/30 metric 5 up
Nov 28 20:17:24
IP prefix: 10.10.10.44/30 metric 5 up
Nov 28 20:17:24
IP prefix 10.10.10.0 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 1
Nov 28 20:17:24
IP prefix 10.10.10.4 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IP prefix 10.10.10.56 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IP prefix 10.10.10.52 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 1
Nov 28 20:17:24
IP prefix 10.10.10.64 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IP prefix 10.10.10.20 255.255.255.252
297
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IP prefix 10.10.10.28 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IP prefix 10.10.10.44 255.255.255.252
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IS neighbors:
Nov 28 20:17:24
IS neighbor abc-core-02.00
Nov 28 20:17:24
internal, metrics: default 1
[...Output truncated...]
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IS neighbor abc-brdr-01.00
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IS neighbor abc-core-02.00, metric: 1
Nov 28 20:17:24
IS neighbor abc-esr-02.00, metric: 5
Nov 28 20:17:24
IS neighbor abc-edge-03.00, metric: 5
Nov 28 20:17:24
IS neighbor abc-edge-01.00, metric: 5
Nov 28 20:17:24
IS neighbor abc-edge-02.00, metric: 5
Nov 28 20:17:24
IS neighbor abc-brdr-01.00, metric: 5
Nov 28 20:17:24
IP prefix: 10.10.134.11/32 metric 0 up
Nov 28 20:17:24
IP prefix: 10.11.0.0/16 metric 5 up
Nov 28 20:17:24
IP prefix: 10.211.0.0/16 metric 0 up
Nov 28 20:17:24
IP prefix 10.10.134.11 255.255.255.255
Nov 28 20:17:24
internal, metrics: default 0
Nov 28 20:17:24
IP prefix 10.11.0.0 255.255.0.0
Nov 28 20:17:24
internal, metrics: default 5
Nov 28 20:17:24
IP prefix 10.211.0.0 255.255.0.0
Nov 28 20:17:24
internal, metrics: default 0
Nov 28 20:17:24
Updating LSP
Nov 28 20:17:24 Updating L2 LSP abc-core-01.00-00 in TED
Nov 28 20:17:24 Analyzing subtlv's for abc-core-02.00
Nov 28 20:17:24 Analysis complete
Nov 28 20:17:24 Analyzing subtlv's for abc-esr-02.00
Nov 28 20:17:24 Analysis complete
Nov 28 20:17:24 Analyzing subtlv's for abc-edge-03.00
Nov 28 20:17:24 Analysis complete
Nov 28 20:17:24 Analyzing subtlv's for abc-edge-01.00
Nov 28 20:17:24 Analysis complete
Nov 28 20:17:24 Analyzing subtlv's for abc-edge-02.00
Nov 28 20:17:24 Analysis complete
Nov 28 20:17:24 Analyzing subtlv's for abc-brdr-01.00
Nov 28 20:17:24 Analysis complete
Nov 28 20:17:24
Scheduling L2 LSP abc-core-01.00-00 sequence 0x1c4f9 on
interface so-1/1/1.0
Related
Documentation
Configure the flag to display sent, received, or both sent and received packets.
[edit protocols isis traceoptions]
298
or
[edit protocols isis traceoptions]
user@host# set flag hello receive
or
[edit protocols isis traceoptions]
user@host# set flag hello
2. Verify the configuration.
user@host# show
For example:
[edit protocols isis traceoptions]
user@host# show
file isislog size 10k files 10;
flag hello send;
or
[edit protocols isis traceoptions]
user@host# show
file isislog size 10k files 10;
flag hello receive;
or
[edit protocols isis traceoptions]
user@host# show
file isislog size 10k files 10;
flag hello send receive;
3. Commit the configuration.
user@host# commit
4. View the contents of the file containing the detailed messages.
For example:
user@host# run show log isislog
Sep 27 18:17:01 ISIS periodic
Sep 27 18:17:01 ISIS periodic
Sep 27 18:17:03 ISIS periodic
Sep 27 18:17:04 ISIS periodic
Sep 27 18:17:06 ISIS L2 hello
Sep 27 18:17:06 ISIS periodic
Sep 27 18:17:06 ISIS L1 hello
Related
Documentation
xmit
xmit
xmit
xmit
from
xmit
from
to 01:80:c2:00:00:15 (IFL 2)
to 01:80:c2:00:00:14 (IFL 2)
to 01:80:c2:00:00:15 (IFL 2)
to 01:80:c2:00:00:14 (IFL 2)
0000.0000.0008 (IFL 2) absorbed
to 01:80:c2:00:00:15 (IFL 2)
0000.0000.0008 (IFL 2) absorbed
299
300
CHAPTER 15
301
information learned from all routing protocols. From this routing information, the routing
protocol process determines the active routes to network destinations and installs these
routes into the Routing Engines forwarding table. Finally, it implements routing policy,
which allows you to control the routing information that is transferred between the routing
protocols and the routing table. Using routing policy, you can filter and limit the transfer
of information as well as set properties associated with specific routes.
302
memory. This is also known as RSS or Resident Set Size. The RES value includes shared
library pages used by the process. Any amount of memory freed by the process might
still be considered part of the RES value. Generally, the kernel delays the migrating of
memory out of the Inact queue into the Cache or Free list unless there is a memory
shortage. This can lead to large discrepancies between the values reported by the routing
protocol process and the kernel, even after the routing protocol process has freed a large
amount of memory.
0.00,
0.00
18:30:33
Mem: 25M Active, 3968K Inact, 19M Wired, 184K Cache, 8346K Buf,
Swap: 528M Total, 64K Used, 528M Free
PID USERNAME PRI NICE SIZE
RES STATE
TIME
WCPU
CPU
544 root
30
0
604K
768K RUN
0:00 0.00% 0.00%
3 root
28
0
0K
12K psleep
0:00 0.00% 0.00%
4 root
28
0
0K
12K update
0:03 0.00% 0.00%
528 aviva
18
0
660K
948K pause
0:00 0.00% 0.00%
204 root
18
0
300K
544K pause
0:00 0.00% 0.00%
131 root
18
0
332K
532K pause
0:00 0.00% 0.00%
186 root
18
0
196K
68K pause
0:00 0.00% 0.00%
27 root
10
0
512M 16288K mfsidl
0:00 0.00% 0.00%
1 root
10
0
620K
344K wait
0:00 0.00% 0.00%
304 root
3
0
884K
900K ttyin
0:00 0.00% 0.00%
200 root
3
0
180K
540K ttyin
0:00 0.00% 0.00%
203 root
3
0
180K
540K ttyin
0:00 0.00% 0.00%
202 root
3
0
180K
540K ttyin
0:00 0.00% 0.00%
201 root
3
0
180K
540K ttyin
0:00 0.00% 0.00%
194 root
2
0 2248K 1640K select
0:11 0.00% 0.00%
205 root
2
0
964K
800K select
0:12 0.00% 0.00%
189 root
2 -12
352K
740K select
0:03 0.00% 0.00%
114 root
2
0
296K
612K select
0:00 0.00% 0.00%
188 root
2
0
780K
600K select
0:00 0.00% 0.00%
527 root
2
0
176K
580K select
0:00 0.00% 0.00%
195 root
2
0
212K
552K select
0:00 0.00% 0.00%
202M Free
COMMAND
top
vmdaemon
update
tcsh
csh
cron
watchdog
mount_mfs
init
bash
getty
getty
getty
getty
rpd
tnp.chassisd
xntpd
amd
dcd
rlogind
inetd
303
187
83
538
99
163
192
191
537
193
5
2
0
root
root
root
daemon
root
root
root
aviva
root
root
root
root
2
2
2
2
2
2
2
2
2
2
-18
-18
0
0
0
0
0
0
0
0
0
0
0
0
192K
188K
1324K
176K
572K
560K
1284K
636K
312K
0K
0K
0K
532K
520K
516K
492K
420K
400K
376K
364K
204K
12K
12K
0K
select
select
select
select
select
select
select
select
select
pfesel
psleep
sched
0:00
0:00
0:00
0:00
0:00
0:10
0:00
0:00
0:07
0:00
0:00
0:00
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
0.00%
tnetd
syslogd
mgd
portmap
nsrexecd
snmpd
mgd
cli
mib2d
if_pfe
pagedaemon
swapper
Table 9 on page 304 describes the output fields that represent the memory values for the
show system processes extensive command. Output fields are listed in the approximate
order in which they appear.
Field Description
Mem
Active
Inact
Memory allocated but not recently used or memory freed by the programs. Inactive memory remains
mapped in the address space of one or more processes and, therefore, counts toward the RSS value
of those processes.
Wired
Memory that is not eligible to be swapped, usually used for in-kernel memory structures and/or memory
physically locked by a process.
Cache
Memory that is not associated with any program and does not need to be swapped before being reused.
Buf
Size of memory buffer used to hold data recently called from the disk.
Free
Memory that is not associated with any programs. Memory freed by a process can become Inactive,
Cache, or Free, depending on the method used by the process to free the memory.
Swap
The rest of the command output displays information about the memory usage of each
process. The SIZE field indicates the size of the virtual address space, and the RES field
indicates the amount of the program in physical memory, which is also known as RSS or
Resident Set Size. For more information, see the show system processes command.
What is the difference between Active and Inact memory that is displayed by the show
system processes extensive command?
304
When the system is under memory pressure, the pageout process reuses memory from
the free, cache, inact and, if necessary, active pages. When the pageout process runs, it
scans memory to see which pages are good candidates to be unmapped and freed up.
Thus, the distinction between Active and Inact memory is only used by the pageout
process to determine which pool of pages to free first at the time of a memory shortage.
The pageout process first scans the Inact list, and checks whether the pages on this list
have been accessed since the time they have been listed here. The pages that have been
accessed are moved from the Inact list to the Active list. On the other hand, pages that
have not been accessed become prime candidates to be freed by the pageout process.
If the pageout process cannot produce enough free pages from the Inact list, pages from
the Active list get freed up.
Because the pageout process runs only when the system is under memory pressure, the
pages on the Inact list remain untouched even if they have not been accessed recently
when the amount of Free memory is adequate.
How do I interpret memory numbers displayed in the show task memory command
output?
The show task memory command provides a comprehensive picture of the memory
utilization for routing protocol tasks on the Routing Engine. The routing protocol process
is the main task that uses Routing Engine memory.
To check routing process memory usage, enter the show task memory command. Refer
to Table 10 on page 305 for information about the show task memory command output
fields.
user@host> show task memory
Memory
Size (kB)
Currently In Use:
29417
Maximum Ever Used:
33882
Available:
756281
%Available
3%
4%
100%
When
now
00/02/11 22:07:03
now
Table 10 on page 305 describes the output fields for the show task memory command.
Output fields are listed in the approximate order in which they appear.
Field Description
Memory Available
The show task memory command does not display all the memory used by the routing
protocol process. This value does not account for the memory used for the TEXT and
STACK segments, or the memory used by the routing protocol processs internal memory
manager.
305
Why is the Currently In Use value less than the RES value?
The show task memory command displays a Currently In Use value measured in kilobytes.
This value represents the memory currently in use. It is the dynamically allocated memory
plus the DATA segment memory. The show system processes extensive command displays
a RES value measured in kilobytes. This value represents the amount of program memory
resident in the physical memory. This is also known as RSS or Resident Set Size.
The Currently In Use value does not account for all of the memory that the routing protocol
process uses. This value does not include the memory used for the TEXT and the STACK
segments, and a small percentage of memory used by the routing protocol processs
internal memory manager. Further, the RES value includes shared library pages used by
the routing protocol process.
Any amount of memory freed by the routing protocol process might still be considered
part of the RES value. Generally, the kernel delays the migrating of memory out of the
Inact queue into the Cache or Free list unless there is a memory shortage. This can lead
to large discrepancies between the Currently In Use value and the RES value.
You can use the vmstat -s command to print the statistics for the swapout activity. The
displayed statistics appear as follows:
0 swap pager pageouts
0 swap pager pages paged out
The swap pager pageouts is the number of pageout operations to the swap device, and
the swap pager pages paged out is the number of pages paged out to the swap device.
Why does the system start swapping when I try to dump core using the request system
core-dumps command?
The request system core-dumps command displays a list of system core files created
when the device has failed. This command can be useful for diagnostic purposes. Each
list item includes the file permissions, number of links, owner, group, size, modification
date, path, and filename. You can use the core-filename option and the core-file-info,
brief, and detail options to display more information about the specified core-dump files.
306
You can use the request system core-dumps command to perform a non-fatal core-dump
without aborting the routing protocol process. To do this, the routing protocol process
is forked, generating a second copy, and then aborted. This process can double the
memory consumed by the two copies of the routing protocol processes, pushing the
system into swap.
Why does the show system processes extensive command show that memory is swapped
to disk although there is plenty of free memory?
Memory can remain swapped out indefinitely if it is not accessed again. Therefore, the
show system processes extensive command shows that memory is swapped to disk even
though there is plenty of free memory, and such a situation is not unusual.
This message includes the amount, in kilobytes and/or the percentage, of the available
memory in use.
This message should not appear under normal conditions, as any further memory
allocations usually require a portion of existing memory to be written to swap. As a
recommended solution, increase the amount of RAM in the Routing Engine. For more
information, go to http://kb.juniper.net/InfoCenter/index?page=content&id=KB14186 .
What can I do when there is a memory shortage even after a swap?
It is not recommended for the system to operate in this state, notwithstanding the
existence of swap. The protocols that run in the routing protocol process usually have a
real-time requirement that cannot reliably withstand the latency of being swapped to
hard disk. If the memory shortage has not resulted from a memory leak, then either a
reduction in the memory usage or an upgrade to a higher memory-capacity Routing
Engine is required.
How do I determine whether there is a memory leak in the routing protocol process?
307
Memory leaks are typically the result of a seemingly unbounded growth in the memory
usage of a process as reported by the show system processes extensive command.
There are two classes of memory leaks that the routing protocol process can experience.
The first class occurs when the allocated memory that is no longer in use is not freed.
This class of leak can usually be fixed by taking several samples of the show task
memory detail command over a period of time and comparing the deltas.
The second class occurs when there is a late access to freed memory. If the access is
not outside the mapped address space, the kernel backfills the accessed page with
real memory. This backfill is done without the knowledge of the routing protocol
processs internal memory allocator, which makes this class of leak much more difficult
to resolve. If a memory leak of this class is suspected, writing the state of the system
to a disk file (creating a core file) is suggested.
A large discrepancy between the RES value and the Currently In Use value might indicate
a memory leak. However, large discrepancies can also occur for legitimate reasons. For
example, the memory used for the TEXT and STACK segments or the memory used by
the routing protocol processs internal memory manager might not be displayed. Further,
the RES value includes shared library pages used by the process.
What is the task_timer?
The source of a routing protocol process memory leak can usually be identified by dumping
the timers for each task. You can use the show task task-name command to display
routing protocol tasks on the Routing Engine. Tasks can be baseline tasks performed
regardless of the devices configuration, and other tasks that depend on the device
configuration.
For more information, see the show task command.
Related
Documentation
308
PART 4
309
310
CHAPTER 16
Configuration Statements
311
312
313
helper-disable;
restart-duration seconds;
}
ignore-attached-bit;
interface interface-name {
... the interface subhierarchy appears after the main [edit protocols isis] hierarchy ...
}
label-switched-path name level level metric metric;
level (1 | 2) {
disable;
authentication-key key;
authentication-type authentication;
external-preference preference;
no-csnp-authentication;
no-hello-authentication;
no-psnp-authentication;
preference preference;
prefix-export-limit number;
wide-metrics-only;
}
loose-authentication-check;
lsp-lifetime seconds;
max-areas number;
no-adjacency-holddown;
no-authentication-check;
no-ipv4-routing;
no-ipv6-routing;
overload {
advertise-high-metrics;
timeout seconds;
}
reference-bandwidth reference-bandwidth;
rib-group {
inet group-name;
inet6 group-name;
}
spf-options {
delay milliseconds;
holddown milliseconds;
rapid-runs number;
}
topologies {
ipv4-multicast;
ipv6-multicast;
ipv6-unicast;
}
traceoptions {
file filename <files number> <size maximum-file-size> <world-readable |
no-world-readable>;
flag flag <flag-modifier> <disable>;
}
traffic-engineering {
disable;
family inet {
shortcuts {
multicast-rpf-routes:
314
}
}
family inet6 {
shortcuts;
}
}
ignore-lsp-metrics;
}
isis {
interface interface-name {
disable;
bfd-liveness-detection {
authentication {
algorithm (keyed-md5 | keyed-sha-1 | meticulous-keyed-md5 |
meticulous-keyed-sha-1 | simple-password);
key-chain key-chain-name;
loose-check;
}
detection-time {
threshold milliseconds;
}
minimum-interval milliseconds;
minimum-receive-interval milliseconds;
multiplier number;
no-adaptation;
transmit-interval {
minimum-interval milliseconds;
threshold milliseconds;
}
version (1 | automatic);
}
checksum;
csnp-interval (seconds | disable);
hello-padding (adaptive | loose | strict);
ldp-synchronization {
disable;
hold-time seconds;
}
level (1 | 2) {
disable;
hello-authentication-key key;
hello-authentication-type authentication;
hello-interval seconds;
hold-time seconds;
ipv4-multicast-metric number;
ipv6-multicast-metric number;
ipv6-unicast-metric number;
metric metric;
passive;
priority number;
te-metric metric;
}
link-protection;
lsp-interval milliseconds;
mesh-group (value | blocked);
315
no-adjacency-down-notification;
no-eligible-backup;
no-ipv4-multicast;
no-ipv6-multicast;
no-ipv6-unicast;
no-unicast-topology;
node-link-protection;
passive;
point-to-point;
}
}
}
Related
Documentation
316
admin-group
Syntax
Hierarchy Level
Release Information
Description
admin-group {
exclude [ group-name ];
include-all [ group-name ];
include-any [ group-name ];
preference [ group-name ];
}
[edit logical-systems logical-system-name routing-options backup-selection destination
prefix interface interface name],
[edit logical-systems logical-system-name routing-instances instance-name routing-options
backup-selection destination prefix interface interface-name],
[edit routing-instances instance-name routing-options backup-selection destination prefix
interface interface-name],
[edit routing-options backup-selection destination prefix interface interface name]
Options
path is not selected as the loop-free alternate (LFA) or backup next hop if any of
the links in the path have any one of the listed administrative groups.
group-name Name of one or more admin-group defined under the [edit protocols
mpls] hierarchy level.
include-all [ group-name ] Require each link in the backup path to have all the listed
the preference of the backup path. The leftmost element in the set is given the highest
preference.
group-name Name of one or more admin-group defined under the [edit protocols
mpls] hierarchy level.
317
Required Privilege
Level
Related
Documentation
318
Release Information
Description
authentication-key key;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
Default
If you do not include this statement and the authentication-type statement, IS-IS
authentication is disabled.
Options
Characters can include any ASCII strings. If you include spaces, enclose all characters
in quotation marks ( ).
Required Privilege
Level
Related
Documentation
319
Release Information
Description
Options
authentication-key-chain key-chain-name;
[edit logical-systems name protocols isis level level-number],
[edit logical-systems name routing-instances instance-name protocols isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances instance-name protocols isis level level-number]
include any ASCII strings. If you include spaces, enclose all characters in quotation
marks ( ).
Required Privilege
Level
Related
Documentation
320
Configuring the Authentication Key Update Mechanism for BGP and LDP Routing Protocols
Release Information
Description
Default
Options
authentication-type authentication;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
321
backup-selection {
destination prefix {
interface (interface-name| all){
admin-group {
exclude [ group-name ];
include-all [ group-name ];
include-any [ group-name ];
preference [ group-name ];
}
bandwidth-greater-equal-primary;
dest-metric (highest | lowest);
downstream-paths-only;
metric-order [ root dest ];
node {
exclude [ node-address ];
preference [ node-address ];
}
node-tag {
exclude [ route-tag ];
preference [ route-tag ];
}
protection-type (link | node | node-link);
root-metric (highest | lowest);
srlg (loose | strict);
evaluation-order [ admin-group srlg bandwidth protection-type node node-tag metric
];
}
}
}
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
322
Hierarchy Level
Release Information
Description
backup-spf options {
node-link-degradation;
per-prefix-calculation;
remote-backup-calculation;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Options
Example: Configuring Layer 3 VPN Egress Protection with RSVP and LDP
link-protection
node-link-protection
323
bfd-liveness-detection {
authentication {
algorithm algorithm-name;
key-chain key-chain-name;
loose-check;
}
detection-time {
threshold milliseconds;
}
minimum-interval milliseconds;
minimum-receive-interval milliseconds;
multiplier number;
no-adaptation;
transmit-interval {
minimum-interval milliseconds;
threshold milliseconds;
}
version (1 | automatic);
}
Hierarchy Level
Release Information
Description
Options
BFD session using the name of the security keychain. The name you specify must
match one of the keychains configured in the authentication-key-chains key-chain
statement at the [edit security] hierarchy level.
324
BFD session. Use only for transitional periods when authentication might not be
configured at both ends of the BFD session.
detection-time threshold millisecondsConfigure a threshold for the adaptation of the
BFD session detection time. When the detection time adapts to a value equal to or
greater than the threshold, a single trap and a single system log message are sent.
minimum-interval millisecondsConfigure the minimum interval after which the local
routing device transmits a hello packet and then expects to receive a reply from the
neighbor with which it has established a BFD session. Optionally, instead of using
this statement, you can specify the minimum transmit and receive intervals separately
using the transmit-interval minimum-interval and minimum-receive-interval
statements.
Range: 1 through 255,000
minimum-receive-interval millisecondsConfigure the minimum interval after which the
local routing device expects to receive a reply from a neighbor with which it has
established a BFD session. Optionally, instead of using this statement, you can
configure the minimum receive interval using the minimum-interval statement.
Range: 1 through 255,000
multiplier numberConfigure the number of hello packets not received by a neighbor
We recommend that you not disable BFD adaptation unless it is preferable not to
have BFD adaptation enabled in your network.
transmit-interval threshold millisecondsConfigure the threshold for the adaptation of
the BFD session transmit interval. When the transmit interval adapts to a value
greater than the threshold, a single trap and a single system message are sent. The
interval threshold must be greater than the minimum transmit interval.
32
1)
which the local routing device transmits hello packets to a neighbor. Optionally,
instead of using this statement, you can configure the minimum transmit interval
using the minimum-interval statement.
Range: 1 through 255,000
versionConfigure the BFD version to detect: 1 (BFD version 1) or automatic (autodetect
325
Related
Documentation
Release Information
Description
checksum;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Required Privilege
Level
Related
Documentation
326
Example: Enabling Packet Checksums on IS-IS Interfaces for Error Checking on page 39
clns-routing
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
clns-routing;
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
327
clns-updown-compatibility
Syntax
Hierarchy Level
Release Information
Description
clns-updown-compatibility;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
CAUTION: Not using the R bit can lead to potential routing loops. You can
use the site-of-origin (SoO) extended community to prevent a looped BGP
update from being injected back to IS-IS when received from a remote provider
edge (PE) device. The receiving PE device can check against the SoO
community, and if the value matches its own, the NLRI is not accepted.
Required Privilege
Level
Related
Documentation
328
Release Information
Description
Options
context-identifier identifier;
[edit logical-systems logical-system-name protocols isis],
[edit protocols isis]
329
csnp-interval
Syntax
Hierarchy Level
Release Information
Description
Default
Options
By default, IS-IS sends CSNPs periodically. If the routing device is the designated router
on a LAN, IS-IS sends CSNPs every 10 seconds. If the routing device is on a point-to-point
interface, it sends CSNPs every 5 seconds multiplied by the number of IS-IS adjacencies
over point-to-point links, which are in UP state.
disableDo not send CSNPs on this interface.
secondsNumber of seconds between the sending of CSNPs.
330
Example: Configuring the Transmission Frequency for CSNP Packets on IS-IS Interfaces
on page 229
destination
Syntax
destination prefix {
interface (interface-name |all) {
admin-group {
exclude [ group-name ];
include-all [ group-name ];
include-any [ group-name ];
preference [ group-name ];
}
bandwidth-greater-equal-primary;
dest-metric (highest | lowest);
downstream-paths-only ;
evaluation-order [ admin-group srlg bandwidth protection-type neighbor neighbor-tag
metric ];
metric-order [ root dest ];
node {
exclude [ neighbor-address ];
preference [ neighbor-address ];
}
node-tag {
exclude [ route-tag ];
preference [ route-tag ];
}
protection-type (link |node | node-link);
root-metric (highest | lowest) ;
srlg (loose |strict);
}
}
Hierarchy Level
Release Information
Description
Options
331
Release Information
Description
disable;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name protocols isis traffic-engineering],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name
protocols isis interface interface-name level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis traffic-engineering],
[edit protocols isis],
[edit protocols isis interface interface-name],
[edit protocols isis interface interface-name level level-number],
[edit protocols isis traffic-engineering],
[edit routing-instances routing-instance-name protocols isis],
[edit routing-instances routing-instance-name protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number],
[edit routing-instances routing-instance-name protocols isis traffic-engineering]
Default
IS-IS is enabled for Level 1 and Level 2 routers on all interfaces on which family iso is
enabled.
IS-IS support for traffic engineering is enabled.
Required Privilege
Level
Related
Documentation
332
Release Information
Description
Required Privilege
Level
Related
Documentation
disable;
[edit logical-systems logical-system-name protocols isis interface interface-name
ldp-synchronization],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name ldp-synchronization],
[edit protocols isis interface interface-name ldp-synchronization],
[edit routing-instances routing-instance-name protocols isis interface interface-name
ldp-synchronization]
333
Release Information
Description
export [ policy-names ];
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
NOTE: For IS-IS, you cannot apply routing policies that affect how routes are
imported into the routing table; doing so with a link-state protocol can easily
lead to an inconsistent topology database.
Options
Required Privilege
Level
Related
Documentation
334
Example: Configuring an IS-IS Default Route Policy on Logical Systems on page 257
Release Information
Description
Options
external-preference preference;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
1)
Default: 15 (for Level 1 internal routes), 18 (for Level 2 internal routes), 160 (for Level 1
external routes), 165 (for Level 2 external routes)
Required Privilege
Level
Related
Documentation
335
Hierarchy Level
Release Information
Description
Options
family inet {
shortcuts {
multicast-rpf-routes;
}
}
family inet6 {
shortcuts;
}
[edit logical-systems logical-system-name protocols isis traffic-engineering],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis traffic-engineering],
[edit protocols isis traffic-engineering],
[edit routing-instances routing-instance-name protocols isis traffic-engineering]
Required Privilege
Level
336
Hierarchy Level
Release Information
Description
graceful-restart {
disable;
helper-disable;
restart-duration seconds;
}
[edit logical-systems logical-system-name protocols isis],
[edit protocols isis]
Options
The ingress router of the label-switched path (LSP), which passes through the DR, to
break the LSP.
default.
restart-duration secondsTime period for the restart to last, in seconds.
337
hello-authentication-key
Syntax
Hierarchy Level
Release Information
Description
Default
Options
hello-authentication-key password;
[edit logical-systems logical-system-name protocols isis interface interface-name level
number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level number],
[edit protocols isis interface interface-name level number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
number]
Characters can include any ASCII strings. If you include spaces, enclose all characters
in quotation marks ( ).
Required Privilege
Level
Related
Documentation
338
hello-authentication-key-chain
Syntax
Hierarchy Level
Release Information
Description
Options
hello-authentication-key-chain key-chain-name;
[edit logical-systems name protocols isis interface interface-name level level-number],
[edit logical-systems name routing-instances instance-name protocols isis interface
interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances instance-name protocols isis interface interface-name level
level-number]
can include any ASCII strings. If you include spaces, enclose all characters in quotation
marks ( ).
Required Privilege
Level
Related
Documentation
339
hello-authentication-type
Syntax
Hierarchy Level
Release Information
Description
Default
Options
Required Privilege
Level
Related
Documentation
340
Release Information
Description
hello-interval seconds;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
Options
341
hello-padding
Syntax
Hierarchy Level
Release Information
Description
342
Adaptive paddingOn point-to-point connections, the hello packets are padded from
the initial detection of a new neighbor until the neighbor verifies the adjacency as Up
in the adjacency state type, length, and value (TLV) tuple. If the neighbor does not
support the adjacency state TLV, then padding continues. On LAN connections, padding
starts from the initial detection of a new neighbor until there is at least one active
adjacency on the interface. Adaptive padding has more overhead than loose padding
and is able to detect MTU asymmetry from one side of the connection. This one-sided
detection can result in generation of extra link-state PDUs that are flooded throughout
the network. Specify the adaptive option to configure enough padding to establish an
adjacency to neighbors.
Loose padding (the default)The hello packet is padded from the initial detection of
a new neighbor until the adjacency transitions to the Up state. Loose padding might
not be able to detect certain situations such as asymmetrical MTUs between the
routing devices. Specify the loose option to configure enough padding to initialize an
adjacency to neighbors.
Options
Strict paddingPadding is done on all interface types and for all adjacency states, and
is continuous. Strict padding has the most overhead. The advantage is that strict
padding detects MTU issues on both sides of a link. Specify the strict option to configure
padding to allow all adjacency states with neighbors.
Required Privilege
Level
Related
Documentation
343
Release Information
Description
hold-time seconds;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
Options
Range: 3 through 65,535 seconds, or 1 to send out hello packets every 333 milliseconds
Default: 9 seconds (for designated intermediate system [DIS] routers), 27 seconds (for
non-DIS routers; three times the default hello interval)
Required Privilege
Level
Related
Documentation
344
Release Information
Description
hold-time seconds;
[edit logical-systems logical-system-name protocols isis interface interface-name
ldp-synchronization],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name ldp-synchronization],
[edit protocols isis interface interface-name ldp-synchronization],
[edit routing-instances routing-instance-name protocols isis interface interface-name
ldp-synchronization]
NOTE: When an interface has been in the holddown state for more than
3 minutes, a system log message with a warning level is sent. This message
appears in both the messages file and the trace file.
Options
345
ignore-attached-bit
Syntax
Hierarchy Level
Release Information
Description
ignore-attached-bit;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Default
Required Privilege
Level
346
Release Information
Description
ignore-lsp-metrics;
[edit logical-systems logical-system-name protocols isis traffic-engineering],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis traffic-engineering],
[edit protocols isis traffic-engineering],
[edit routing-instances routing-instance-name protocols isis traffic-engineering]
Required Privilege
Level
Related
Documentation
Example: Enabling Wide IS-IS Metrics for Traffic Engineering on page 213
347
348
Hierarchy Level
Release Information
Description
Configure interface-specific IS-IS properties. To configure more than one interface, include
the interface statement multiple times.
Enabling IS-IS on an interface (by including the interface statement at the [edit protocols
isis] or the [edit routing-instances routing-instance-name protocols isis] hierarchy level),
disabling it (by including the disable statement), and not actually having IS-IS run on an
interface (by including the passive statement) are mutually exclusive states.
Options
allHave Junos OS create IS-IS interfaces automatically. If you include this option, disable
349
Hierarchy Level
Release Information
Description
Options
the bandwidth is greater than or equal to the bandwidth of the primary next hop.
dest-metric (highest | lowest)Specifiy the metric from the one-hop neighbor or from
350
destination.
evaluation-order [ admin-group srlg bandwidth protection-type neighbor neighbor-tag
metric ]Control the order and the criteria of evaluating the backup path. The default
NOTE: For the explicitly configured evaluation order, only the listed
attributes influence the selection of the backup path.
351
metric-order [ root dest ] Specify the order of preference of the root and the destination
metric during the backup path selection. The preference order can be:
[root dest] Backup path selection or preference is first based on the root-metric
criteria. If the criteria of all the root-metric is the same, then the selection or
preference is based on the dest-metric.
[dest root] Backup path selection or preference is first based on the dest-metric
criteria. If the criteria of all the dest-metric is the same, then the selection is based
on the root-metric.
backup path.
shared risk link groups (SRLGs) between the primary link and any link in the backup
path.
loose Allow the backup path that has common srlgs between the primary link and
any link in the backup path. A backup path with a fewer number of srlg collisions
is preferred.
strict Reject the backup path that has common srlgs between the primary link and
352
ipv4-multicast
Syntax
Hierarchy Level
Release Information
Description
ipv4-multicast;
[edit logical-systems logical-system-name protocols isis topologies],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis topologies],
[edit protocols isis topologies],
[edit routing-instances routing-instance-name protocols isis topologies]
NOTE: The IS-IS interface metrics for the IPv4 topology can be configured
independently of the IPv6 metrics. You can also selectively disable interfaces
from participating in the IPv6 topology while continuing to participate in the
IPv4 topology. This lets you exercise control over the paths that unicast data
takes through a network.
Default
Required Privilege
Level
Related
Documentation
353
ipv4-multicast-metric
Syntax
Hierarchy Level
Release Information
Description
Options
ipv4-multicast-metric metric;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
354
ipv6-multicast
Syntax
Hierarchy Level
Release Information
Description
Default
Required Privilege
Level
Related
Documentation
ipv6-multicast;
[edit logical-systems logical-system-name protocols isis topologies],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis topologies],
[edit protocols isis topologies],
[edit routing-instances routing-instance-name protocols isis topologies]
ipv6-multicast-metric
Syntax
Hierarchy Level
Release Information
Description
Options
ipv6-multicast-metric metric;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
355
ipv6-unicast
Syntax
Hierarchy Level
Release Information
Description
ipv6-unicast;
[edit logical-systems logical-system-name protocols isis topologies],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis topologies],
[edit protocols isis topologies],
[edit routing-instances routing-instance-name protocols isis topologies]
NOTE: The IS-IS interface metrics for the IPv4 topology can be configured
independently of the IPv6 metrics. You can also selectively disable interfaces
from participating in the IPv6 topology while continuing to participate in the
IPv4 topology. This lets you exercise control over the paths that unicast data
takes through a network.
Default
Required Privilege
Level
Related
Documentation
356
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
ipv6-unicast-metric
Syntax
Hierarchy Level
Release Information
Description
Options
ipv6-unicast-metric metric;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
357
isis
Syntax
Hierarchy Level
Release Information
Description
isis { ... }
[edit logical-systems logical-system-name protocols],
[edit logical-systems logical-system-name routing-instances routing-instance-name
protocols],
[edit protocols],
[edit routing-instances routing-instance-name protocols]
Default
Required Privilege
Level
Related
Documentation
358
Release Information
Description
Options
Values: 1 or 2
metricMetric value.
Range: 1 through 63, or 1 through 16,777,215 (if you have configured wide metrics)
Default: 0 (for lo0), 10 (for all other interfaces)
Required Privilege
Level
Related
Documentation
359
ldp-synchronization
Syntax
Hierarchy Level
Release Information
Description
ldp-synchronization {
disable;
hold-time seconds;
}
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Required Privilege
Level
Related
Documentation
360
Hierarchy Level
Release Information
Description
level level-number {
authentication-key key;
authentication-key-chain (Protocols IS-IS) key-chain-name;
authentication-type type;
disable;
external-preference preference;
no-csnp-authentication;
no-hello-authentication;
no-psnp-authentication;
preference preference;
wide-metrics-only;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Options
Values: 1 or 2
The remaining statements are explained separately.
Required Privilege
Level
361
Related
Documentation
362
Hierarchy Level
Release Information
Description
Options
level level-number {
level (IS-IS Interfaces);
hello-authentication-key key;
hello-authentication-key-chain key-chain-name;
hello-authentication-type authentication;
hello-interval seconds;
hold-time seconds;
ipv4-multicast-metric number;
ipv6-unicast-metric number;
metric metric;
passive;
priority number;
te-metric metric;
}
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Values: 1 or 2
Default: The routing device operates as both a Level 1 and Level 2 router.
The remaining statements are explained separately.
Required Privilege
Level
Related
Documentation
363
Release Information
Description
Required Privilege
Level
Related
Documentation
link-protection;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
loose-authentication-check
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
364
loose-authentication-check;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
lsp-equal-cost
Syntax
Hierarchy Level
Release Information
Description
lsp-equal-cost;
[edit logical-systems logical-system-name protocols isis traffic-engineering multipath],
[edit protocols isis traffic-engineering multipath]
Required Privilege
Level
Related
Documentation
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
365
lsp-interval
Syntax
Hierarchy Level
Release Information
Description
lsp-interval milliseconds;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Default
Options
By default, the routing device sends one link-state PDU out an interface every
100 milliseconds.
millisecondsNumber of milliseconds between the sending of link-state PDUs. Specifying
366
lsp-lifetime
Syntax
Hierarchy Level
Release Information
Description
lsp-lifetime seconds;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Default
Options
By default, link-state PDUs are maintained in network databases for 1200 seconds
(20 minutes) before being considered invalid. This length of time, called the LSP lifetime,
normally is sufficient to guarantee that link-state PDUs never expire.
secondslink-state PDU lifetime, in seconds.
367
http://www.juniper.net/us/en/training/certification/JNCIP_studyguide.pdf
max-areas
Syntax
Hierarchy Level
Release Information
Description
max-areas number;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis]
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Options
numberMaximum number of areas to include in the IS-IS hello (IIH) PDUs and link-state
PDUs.
Range: 3 through 36
Default: 3
Required Privilege
Level
Related
Documentation
368
max-hello-size
Syntax
Hierarchy Level
Release Information
Description
Options
max-hello-size size;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
369
max-lsp-size
Syntax
Hierarchy Level
Release Information
Description
Options
max-lsp-size size;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
370
max-snp-size
Syntax
Hierarchy Level
Release Information
max-snp-size size;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Description
Modify the maximum size of partial or complete IS-IS sequence number PDUs. IS-IS
sends sequence number packets out of IS-IS enabled interfaces to control the distribution
of link-state PDUs between the IS-IS nodes. Sequence number packets provide a
mechanism to synchronize the link-state databases of routers in the same area.
Options
sizeMaximum size allocated for sequence number of partial or complete IS-IS packets.
371
Release Information
Description
Options
372
Release Information
Description
metric metric;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
Table 11: Default Metric Values for Routes Exported into IS-IS
Protocol Used for Learning the Route
Direct
10
Static
Aggregate
10
Generate
10
RIP
OSPF
BGP
10
The default metric values behavior can be customized by using routing policies.
Options
metricMetric value.
373
Range: 1 through 63, or 1 through 16,777,215 (if you have configured wide metrics)
Default: 10 (for all interfaces except lo0), 0 (for the lo0 interface)
Required Privilege
Level
Related
Documentation
Example: Enabling Wide IS-IS Metrics for Traffic Engineering on page 213
multicast-rpf-routes
Syntax
Hierarchy Level
Release Information
Description
multicast-rpf-routes;
[edit logical-systems logical-system-name protocols isis traffic-engineering family inet
shortcuts],
[edit logical-systems logical-system-name routing-instances traffic-engineering family inet
shortcuts],
[edit protocols isis traffic-engineering family inet shortcuts],
[edit routing-instances routing-instance-name protocols isis traffic-engineering family inet
shortcuts]
Required Privilege
Level
Related
Documentation
374
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
Hierarchy Level
Release Information
Description
Options
multipath {
lsp-equal-cost;
}
[edit logical-systems logical-system-name protocols isis traffic-engineering],
[edit protocols isis traffic-engineering]
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
375
Release Information
Description
no-adjacency-down-notification;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit protocols isis interface interface-name]
Required Privilege
Level
Related
Documentation
376
no-neighbor-down-notification
no-adjacency-holddown
Syntax
Hierarchy Level
Release Information
Description
no-adjacency-holddown;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Required Privilege
Level
Related
Documentation
377
no-authentication-check
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
no-authentication-check;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
no-csnp-authentication
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
378
no-csnp-authentication;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
node
Syntax
Hierarchy Level
Release Information
Description
node {
exclude [ node-address ];
preference [ node-address ];
}
[edit logical systems logical-system-name routing-options backup-selection (Protocols
ISIS) destination prefix interface interface name],
[edit logical-systems logical-system-name routing-instances instance-name routing-options
backup-selection destination prefix interface interface-name],
[edit routing-instances instance-name routing-options backup-selection destination prefix
interface interface-name],
[edit routing-options backup-selection (Protocols ISIS) destination prefix interface interface
name]
NOTE: The nodes are identified through the TE-router-ID TLV advertised by
a node in the LSP.
Options
exclude [ node-address ] Specify the list of nodes to be excluded. The backup path that
has a router from the list is not selected as the loop-free alternative or backup next
hop.
node-address Name of one or more nodes to be excluded during backup path
selection.
preference [ node-address ] Define an ordered set of nodes to be preferred. The backup
selection.
Required Privilege
Level
Related
Documentation
379
node-tag
Syntax
Hierarchy Level
Release Information
Description
node-tag {
exclude [ route-tag ];
preference [ route-tag ];
}
[edit logical-systems logical-system-name routing-options backup-selection (Protocols
ISIS) destination prefix interface interface name],
[edit logical-systems logical-system-name routing-instances instance-name routing-options
backup-selection destination prefix interface interface-name],
[edit routing-instances instance-name routing-options backup-selection destination prefix
interface interface-name],
[edit routing-options backup-selection destination prefix interface interface name]
Options
exclude [ route-tag ] Specify that the backup path which has any node or router with
route-tag from this list is not selected as the loop-free alternative or backup-next
hop.
route-tag Name of one or more tags advertised as part of extended IP reachability
with a /32 prefix length that represents the TE-router-ID or node ID of a router.
preference [ route-tag ] Specify the set of route tags in descending order of preference.
route-tag Name of one or more tags advertised as part of extended IP reachability
with a /32 prefix length that represents the TE-router-ID or node ID of a router.
Required Privilege
Level
Related
Documentation
380
Release Information
Description
Required Privilege
Level
Related
Documentation
node-link-protection;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-routers logical-router-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
381
Release Information
Description
Required Privilege
Level
Related
Documentation
no-eligible-backup;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
no-eligible-remote-backup
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
382
no-eligible-remote-backup;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit protocols isis interface interface-name]
[edit protocols (ospf | ospf3) area area-id interface interface-name]
auto-targeted-session
no-hello-authentication
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
no-hello-authentication;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
no-ipv4-multicast
Syntax
Hierarchy Level
Release Information
Description
Default
Required Privilege
Level
Related
Documentation
no-ipv4-multicast;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
383
no-ipv4-routing
Syntax
Hierarchy Level
Release Information
Description
no-ipv4-routing;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
The routing device does not advertise the network layer protocol identifier (NLPID) for
IPv4 in the Junos OS link-state PDU fragment zero.
The routing device does not advertise any IPv4 prefixes in Junos OS link-state PDUs.
The routing device does not advertise the NLPID for IPv4 in Junos OS hello packets.
The routing device does not advertise any IPv4 addresses in Junos OS hello packets.
Required Privilege
Level
Related
Documentation
384
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
no-ipv6-multicast
Syntax
Hierarchy Level
Release Information
Description
Default
Required Privilege
Level
Related
Documentation
no-ipv6-multicast;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
385
no-ipv6-routing
Syntax
Hierarchy Level
Release Information
Description
no-ipv6-routing;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Required Privilege
Level
Related
Documentation
386
The routing device does not advertise the network layer protocol identifier (NLPID) for
IPv6 in the Junos OS link-state PDU fragment zero.
The routing device does not advertise any IPv6 prefixes in Junos OS link-state PDUs.
The routing device does not advertise the NLPID for IPv6 in Junos OS hello packets.
The routing device does not advertise any IPv6 addresses in Junos OS hello packets.
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
no-ipv6-unicast
Syntax
Hierarchy Level
Release Information
Description
Default
Required Privilege
Level
Related
Documentation
no-ipv6-unicast;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
no-psnp-authentication
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
no-psnp-authentication;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
387
no-unicast-topology
Syntax
Hierarchy Level
Release Information
Description
Default
Required Privilege
Level
Related
Documentation
388
no-unicast-topology;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Hierarchy Level
Release Information
Description
overload {
advertise-high-metrics;
allow-route-leaking;
timeout seconds;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
When the overload bit has already been set to a given value and the routing process
is restarted: Link-state PDUs are regenerated with the overload bit cleared.
2. When the overload bit is reset to a lesser value while the routing process is running:
Link-state PDUs are regenerated with the overload bit set to the difference between
the old and new value.
389
In overload mode, the routing device advertisement is originated with all the transit routing
device links (except stub) set to a metric of 0xFFFF. The stub routing device links are
advertised with the actual cost of the interfaces corresponding to the stub. This causes
the transit traffic to avoid the overloaded routing device and take paths around the routing
device.
To understand the reason for setting the overload bit, consider that BGP converges slowly.
It is not very good at detecting that a neighbor is down because it has slow-paced
keepalive timers. Once the BGP neighbor is determined to be down, it can take up to 2
minutes for a BGP router to declare the neighbor down. IS-IS is much quicker. IS-IS only
takes 10-30 seconds to detect absent peers. It is the slowness of BGP, more precisely
the slowness of internal BGP (IBGP), that necessitates the use of the overload bit. IS-IS
and BGP routing are mutually dependent on each other. If both do not converge at the
same time, traffic is dropped without notification (black holed).
You might want to configure the routing device so that it appears to be overloaded when
you are restarting routing on the device. Setting the overload bit for a fixed amount of
time right after a restart of the routing protocol process (rpd) ensures that the router
does not receive transit traffic while the routing protocols (especially IBGP) are still
converging.
Setting the overload bit is useful when performing hardware or software maintenance
work on a routing device. After the maintenance work, clear the overload bit to carry on
forwarding transit traffic. Manual clearing of the overload bit is not always possible. What
is needed is an automated way of clearing the overload bit after some amount of time.
Most networks use a time value of 300 seconds. This 5-minute value provides a good
balance, allowing time to bring up even large internal IBGP meshes, while still relatively
quick.
Another appropriate application for setting for the overload bit is on dedicated devices
such as BGP route reflectors, which are intentionally not meant to carry any transit traffic.
In this case, you would not use the timer.
You can verify that the overload bit is set by running the show isis database command.
390
Options
overload bit.
The advertise-high-metric setting is only valid while the routing device is in overload mode.
When advertise-high-metric is configured, IS-IS does not set the overload bit. Rather,
it sets the metric to 63 or 16,777,214, depending whether wide metrics are enabled.
This allows the overloaded routing device to be used for transit as a last resort.
An L1-L2 router in overload mode stops leaking route information between L1 and L2
levels and clears its attached bit. This is also true when advertise-high-metrics is
configured.
allow-route-leakingEnable leaking of route information into the network even if the
NOTE: The allow-route-leaking option does not work if the routing device is
in dynamic overload mode. Dynamic overload can occur if the device has
exceeded its resource limits, such as the prefix limit.
391
Hierarchy Level
Release Information
Description
passive {
remote-node-id address;
remote-node-iso iso-id;
}
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
If neither passive mode nor the family iso option is configured on the IS-IS interface, then
the routing device treats the interface as not being operational, and no direct IPv4/IPv6
routes are exported into IS-IS. (You configure the family iso option at the [edit interfaces
interface-name unit logical-unit-number] hierarchy level.)
Default
Options
392
By default, IS-IS must be configured on an interface or a level for direct interface addresses
to be advertised into that level.
remote-node-id addressIP address of the remote link.
Required Privilege
Level
Related
Documentation
point-to-point
Syntax
Hierarchy Level
Release Information
Description
point-to-point;
[edit logical-systems logical-system-name protocols isis interface interface-name],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name],
[edit protocols isis interface interface-name],
[edit routing-instances routing-instance-name protocols isis interface interface-name]
Required Privilege
Level
Related
Documentation
393
Release Information
Description
preference preference;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
Options
preferencePreference value.
32
1)
Default: 15 (for Level 1 internal routes), 18 (for Level 2 internal routes), 160 (for Level 1
external routes), 165 (for Level 2 external routes)
Required Privilege
Level
Related
Documentation
394
Release Information
Description
prefix-export-limit number;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
Options
numberPrefix limit.
32
1)
Default: None
Required Privilege
Level
Related
Documentation
395
Release Information
Description
priority number;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
Options
numberPriority value.
396
protocols
Syntax
protocols {
bgp {
... bgp-configuration ...
}
isis {
... isis-configuration ...
}
ldp {
... ldp-configuration ...
}
mpls {
... mpls -configuration ...
}
msdp {
... msdp-configuration ...
}
mstp {
... mstp-configuration ...
}
ospf {
domain-id domain-id;
domain-vpn-tag number;
route-type-community (iana | vendor);
traffic-engineering {
<advertise-unnumbered-interfaces>;
<credibility-protocol-preference>;
ignore-lsp-metrics;
multicast-rpf-routes;
no-topology;
shortcuts {
lsp-metric-into-summary;
}
}
... ospf-configuration ...
}
ospf3 {
domain-id domain-id;
domain-vpn-tag number;
route-type-community (iana | vendor);
traffic-engineering {
<advertise-unnumbered-interfaces>;
<credibility-protocol-preference>;
ignore-lsp-metrics;
multicast-rpf-routes;
no-topology;
shortcuts {
lsp-metric-into-summary;
}
}
... ospf3-configuration ...
}
pim {
397
Hierarchy Level
Release Information
Description
398
Options
instance.
ospfSpecify OSPF as the protocol for a routing instance.
ospf3Specify OSPF version 3 (OSPFv3) as the protocol for a routing instance.
pimSpecify the Protocol Independent Multicast (PIM) protocol for a routing instance.
ripSpecify RIP as the protocol for a routing instance.
ripngSpecify RIP next generation (RIPng) as the protocol for a routing instance.
rstpSpecify the Rapid Spanning Tree Protocol (RSTP) for a virtual switch routing
instance.
rsvpSpecify the RSVP for a routing instance.
vstpSpecify the VLAN Spanning Tree Protocol (VSTP) for a virtual switch routing
instance.
vplsSpecify VPLS as the protocol for a routing instance.
Required Privilege
Level
Related
Documentation
399
Release Information
Description
reference-bandwidth reference-bandwidth;
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
For example, if you set the reference bandwidth to 1 Gbps (that is, reference-bandwidth
is set to 1,000,000,000), a 100-Mbps interface has a routing metric of 10.
All IS-IS interfaces have a cost, which is a routing metric that is used in the IS-IS link-state
calculation. Routes with lower total path metrics are preferred over those with higher
path metrics.
Options
400
http://www.juniper.net/us/en/training/certification/JNCIP_studyguide.pdf
remote-backup-calculation
Syntax
Hierarchy Level
Release Information
Description
Required Privilege
Level
Related
Documentation
remote-backup-calculation;
[edit logical-systems logical-system-name protocols isis backup-spf-options],
[edit protocols isis backup-spf-options]
auto-targeted-session
401
Hierarchy Level
Release Information
Description
rib-group {
inet group-name;
inet6 group-name;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Options
402
Example: Exporting Specific Routes from One Routing Table Into Another Routing Table
Release Information
Description
Each routing instance has a unique name and a corresponding IP unicast table. For
example, if you configure a routing instance with the name my-instance, its corresponding
IP unicast table is my-instance.inet.0. All routes for my-instance are installed into
my-instance.inet.0.
Routes are installed into the default routing instance inet.0 by default, unless a routing
instance is specified.
In Junos OS Release 9.0 and later, you can no longer specify a routing-instance name of
master, default, or bgp or include special characters within the name of a routing instance.
In Junos OS Release 9.6 and later, you can include a slash (/) in a routing-instance name
only if a logical system is not configured. That is, you cannot include the slash character
in a routing-instance name if a logical system other than the default is explicitly configured.
Routing-instance names, further, are restricted from having the form __.*__ (beginning
and ending with underscores). The colon : character cannot be used when multitopology
routing (MTR) is enabled.
Default
Options
403
Hierarchy Level
Release Information
Description
shortcuts {
multicast-rpf-routes;
}
[edit logical-systems logical-system-name protocols isis traffic-engineering family (inet |
inet6)],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis traffic-engineering family (inet | inet6)],
[edit protocols isis traffic-engineering family (inet | inet6)],
[edit routing-instances routing-instance-name protocols isis traffic-engineering family (inet
| inet6)]
Required Privilege
Level
Related
Documentation
404
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
Hierarchy Level
spf-options {
delay milliseconds;
holddown milliseconds;
rapid-runs number;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Release Information
Description
The delay in the time between the detection of a topology change and when the SPF
algorithm actually runs.
The maximum number of times that the SPF algorithm can run in succession before
the hold-down timer begins.
The time to hold down, or wait, before running another SPF calculation after the SPF
algorithm has run in succession the configured maximum number of times.
If the network stabilizes during the hold-down period and the SPF algorithm does not
need to run again, the system reverts to the configured values for the delay and rapid-runs
statements.
Options
delay millisecondsTime interval between the detection of a topology change and when
algorithm runs after the SPF algorithm has run the configured maximum number of
times in succession.
Range: 2000 through 10,000 milliseconds
Default: 5000 milliseconds
405
rapid-runs numberMaximum number of times the SPF algorithm can run in succession.
406
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
static-host-mapping
Syntax
Hierarchy Level
Release Information
Description
Default
Options
static-host-mapping {
hostname {
alias [ aliases ];
inet [ addresses ];
inet6 [ addresses];
sysid system-identifier;
}
}
[edit system]
407
Release Information
Description
te-metric metric;
[edit logical-systems logical-system-name protocols isis interface interface-name level
level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis interface interface-name level level-number],
[edit protocols isis interface interface-name level level-number],
[edit routing-instances routing-instance-name protocols isis interface interface-name level
level-number]
Options
metricMetric value.
408
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
Hierarchy Level
Release Information
Description
topologies {
ipv4-multicast;
ipv6-multicast;
ipv6-unicast;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Required Privilege
Level
Related
Documentation
Example: Configuring IS-IS IPv4 and IPv6 Unicast Topologies on page 150
409
Hierarchy Level
Release Information
Description
traceoptions {
file name <size size> <files number> <world-readable | no-world-readable>;
flag flag <flag-modifier> <disable>;
}
[edit logical-systems logical-system-name protocols isis],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis],
[edit protocols isis],
[edit routing-instances routing-instance-name protocols isis]
Default
The default IS-IS protocol-level tracing options are those inherited from the routing
protocols traceoptions statement included at the [edit routing-options] hierarchy level.
Options
disable(Optional) Disable the tracing operation. You can use this option to disable a
single operation when you have defined a broad group of tracing operations, such
as all.
file nameName of the file to receive the output of the tracing operation. Enclose the
name within quotation marks ( ). All files are placed in the directory /var/log. We
recommend that you place IS-IS tracing output in the file isis-log.
files number(Optional) Maximum number of trace files. When a trace file named
trace-file reaches its maximum size, it is renamed trace-file.0, then trace-file.1, and
so on, until the maximum number of trace files is reached. Then, the oldest trace file
is overwritten.
If you specify a maximum number of files, you also must specify a maximum file size with
the size option.
Range: 2 through 1000 files
Default: 10 files
flag flagTracing operation to perform. To specify more than one flag, include multiple
flag statements.
IS-IS Protocol-Specific Tracing Flags
410
helloHello packets
lspLink-state PDUs
spfShortest-path-first calculations
Default: If you do not specify this option, only unusual or abnormal operations are traced.
stateState transitions
flag-modifier(Optional) Modifier for the tracing flag. You can specify one or more of
these modifiers:
411
size size(Optional) Maximum size of each trace file, in kilobytes (KB), megabytes (MB),
or gigabytes (GB). When a trace file named trace-file reaches this size, it is renamed
trace-file.0. When the trace-file again reaches its maximum size, trace-file.0 is renamed
trace-file.1 and trace-file is renamed trace-file.0. This renaming scheme continues
until the maximum number of trace files is reached. Then, the oldest trace file is
overwritten. Note that if you specify a maximum file size, you also must specify a
maximum number of trace files with the files option.
Syntax: xk to specify KB, xm to specify MB, or xg to specify GB
Range: 10 KB through the maximum file size supported on your system
Default: 128 KB
world-readable(Optional) Allow any user to read the log file.
Required Privilege
Level
Related
Documentation
412
Example: Enabling Packet Checksums on IS-IS Interfaces for Error Checking on page 39
Hierarchy Level
Release Information
Description
traffic-engineering {
disable;
credibility-protocol-preference;
family inet {
shortcuts {
multicast-rpf-routes;
}
}
family inet6 {
shortcuts;
}
multipath {
lsp-equal-cost;
}
}
[edit logical-systems logical-system-name protocols isis],
[edit protocols isis]
413
tunnel egress by pushing an extra IPv6 explicit null label between the IPv6 payload and
the IPv4 transport label.
RSVP LSPs with a higher preference than IS-IS routes are not considered during the
computation of traffic engineering shortcuts.
To configure IS-IS so that it uses LSPs as shortcuts when installing information in the
inet.3 or inet6.3 routing table, include the following statements:
family inet {
shortcuts {
multicast-rpf-routes;
}
}
family inet6 {
shortcuts;
}
For IPv4 traffic, include the inet statement. For IPv6 traffic, include the inet6 statement.
To configure load balancing across multiple LSPs, include the multipath statement.
When traffic engineering shortcuts are used, RSVP first looks at the metric2 value, which
is derived from the IGP cost. After this, RSVP considers the LSP metric value. So, if a
certain path changes for an LSP and the cost changes, not all LSPs are used to loadbalance the network.
When a route with an improved metric is added to the IS-IS internal routing table, IS-IS
flushes all next-hop information (including LSP next-hop information) for a route. This
is undesirable, because certain equal-cost multipath (ECMP) combinations can be lost
during route calculation. To override this default behavior for load balancing, include the
lsp-equal-cost statement to retain the equal cost path information in the routing table.
multipath {
lsp-equal-cost;
}
Because the inet.3 routing table is present only on ingress routers, you can configure LSP
shortcuts only on these routers.
Default
414
Options
preference for IGP routes to determine the traffic engineering database credibility
value. By default, the traffic engineering database prefers IS-IS routes even when
the routes of another IGP are configured with a lower, that is, more preferred value.
Use this statement to override this default behavior.
The traffic engineering database assigns a credibility value to each IGP and prefers
the routes of the IGP with the highest credibility value. In Junos OS Release 9.4 and
later, you can configure IS-IS to take protocol preference into account to determine
the traffic engineering database credibility value. When protocol preference is used
to determine the credibility value, IS-IS routes are not automatically preferred by
the traffic engineering database, depending on your configuration. For example,
OSPF routes have a default preference value of 10, whereas IS-IS Level 1 routes have
a default preference value of 15. When protocol preference is enabled, the credibility
value is determined by deducting the protocol preference value from a base value
of 512. Using default protocol preference values, OSPF has a credibility value of 502,
whereas IS-IS has a credibility value of 497. Because the traffic engineering database
prefers IGP routes with the highest credibility value, OSPF routes are now preferred.
when a better path metric is found during the IS-IS internal routing table calculation.
When a route with an improved metric is added to the IS-IS internal routing table,
IS-IS flushes all next-hop information (including LSP next-hop information) for a
route. This is undesirable, because certain equal-cost multipath (ECMP) combinations
can be lost during route calculation. To override this default IS-IS behavior, include
the lsp-equal-cost statement for load balancing, so that the equal cost path
information is retained in the routing table.
multipathEnable load balancing for multiple LSPs.
traffic-engineering (OSPF)
Using Labeled-Switched Paths to Augment SPF to Compute IGP Shortcuts on page 190
415
wide-metrics-only
Syntax
Hierarchy Level
Release Information
Description
wide-metrics-only;
[edit logical-systems logical-system-name protocols isis level level-number],
[edit logical-systems logical-system-name routing-instances routing-instance-name protocols
isis level level-number],
[edit protocols isis level level-number],
[edit routing-instances routing-instance-name protocols isis level level-number]
Default
Required Privilege
Level
Related
Documentation
416
By default, Junos OS supports the sending and receiving of wide metrics. Junos OS allows
a maximum metric value of 63 and generates both pairs of TLVs.
routingTo view this statement in the configuration.
routing-controlTo add this statement to the configuration.
CHAPTER 17
Operational Commands
ping clns
restart
show backup-selection
show policy
show route
417
418
test policy
traceroute clns
Release Information
Description
Options
specified address.
discriminator discr-number(Optional) Clear adaptation for the local BFD session
Required Privilege
Level
Related
Documentation
List of Sample Output
Output Fields
Sample Output
clear bfd adaptation
user@host> clear bfd adaptation
419
Syntax
Description
Options
discriminator.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
clear
Sample Output
clear bfd session
user@host> clear bfd session
420
Syntax
Release Information
Description
Options
Both clear isis adjacency and clear isis adjacency all function identically.
instance instance-name(Optional) Clear all adjacencies for the specified routing instance
only.
interface interface-name(Optional) Clear all adjacencies for the specified interface only.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
Required Privilege
Level
Related
Documentation
List of Sample Output
Output Fields
clear
421
Sample Output
clear isis adjacency
The following sample output displays IS-IS adjacency database information before and
after the clear isis adjacency command is entered:
user@host> show isis adjacency
IS-IS adjacency database:
Interface
System
so-1/0/0.0
karakul
so-1/1/3.0
1921.6800.5080
so-5/0/0.0
1921.6800.5080
L
3
3
3
State
Up
Up
Up
L
3
3
3
State
Hold (secs) SNPA
Initializing
26
Up
24
Up
21
State
Hold (secs) SNPA
Initializing
26
Initializing
24
Initializing
21
422
Syntax
Description
Options
clear
Sample Output
clear isis database
The following sample output displays IS-IS link-state database information before and
after the clear isis database command is entered:
user@host> show isis database
IS-IS level 1 link-state database:
LSP ID
Sequence Checksum Lifetime (secs)
crater.00-00
0x12
0x84dd
1139
1 LSPs
IS-IS level 2 link-state database:
423
LSP ID
crater.00-00
badlands.00-00
carlsbad.00-00
ranier.00-00
1921.6800.5066.00-00
1921.6800.5067.00-00
6 LSPs
424
Syntax
Description
Options
routing instance.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
clear
Sample Output
clear isis overload
The following sample output displays IS-IS database information before and after the
clear isis overload command is entered:
user@host> show isis database
425
pro2-a.00-00
pro2-a.02-00
3 LSPs
0x91e
0x1
0x2589
0xcbc
874 L1 L2
874 L1 L2
426
Syntax
Description
Options
view
Sample Output
clear isis statistics
The following sample output displays IS-IS statistics before and after the
clear isis statistics command is entered:
user@host> show isis statistics
IS-IS statistics for merino:
PDU type
LSP
IIH
CSNP
PSNP
Unknown
Received
12793
116751
203956
7356
0
Processed
12793
116751
203956
7350
0
Drops
0
0
0
6
0
Sent
8666
118834
204080
8635
0
Rexmit
719
0
0
0
0
427
Totals
340856
340850
340215
719
Sent
0
3
4
0
0
7
Rexmit
0
0
0
0
0
0
0 Drops:
0 Drops:
0
0
1064
1087
436
0
Received
0
3
2
0
0
5
Processed
0
3
2
0
0
5
Drops
0
0
0
0
0
0
428
0 Drops:
0 Drops:
SPF runs:
Fragments rebuilt:
LSP regenerations:
Purges initiated:
0
0
0
0
0
0
ping clns
Syntax
Release Information
Description
Options
ping packets.
interval seconds(Optional) How often to send ping requests. The range of values, in
logical system.
no-resolve(Optional) Do not attempt to determine the hostname that corresponds to
the IP address.
pattern string(Optional) Specify a hexadecimal fill pattern to include in the ping packet.
rapid(Optional) Send ping requests rapidly. The results are reported in a single message,
not in individual messages for each ping request. By default, five ping requests are
sent before the results are reported. To change the number of request, include the
count option.
429
ping attempt.
size bytes(Optional) Size of ping request packets. The range of values, in bytes, is 0
through 65,468. The default value is 56, which is effectively 64 bytes because 8
bytes of ICMP header data are added to the packet.
source source-address(Optional) IP address of the outgoing interface. This address is
sent in the IP source address field of the ping request. If this option is not specified,
the default address is usually the loopback interface.
ttl value(Optional) Time-to-live (TTL) value to include in the ping request (IPv6). The
If this option is not specified, the default delay is 10 seconds. If this option is used
without the count option, a default count of 5 packets is used.
Required Privilege
Level
List of Sample Output
Output Fields
network
Sample Output
ping clns
user@host> ping clns 47.0005.9000.f800.0000.0108.0001.1921.6812.4058.00
PING 47.0005.9000.f800.0000.0108.0001.1921.6812.4058.00
(47.0005.9000.f800.0000.0108.0001.1921.6812.4058.00): 55 data bytes
64 bytes from 47.0005.9000.f800.0000.0108.0001.1921.6812.4058.00: seq=0 ttl=30
time=15.051 ms
64 bytes from 47.0005.9000.f800.0000.0108.0001.1921.6812.4058.00: seq=1 ttl=30
time=10.370 ms
64 bytes from 47.0005.9000.f800.0000.0108.0001.1921.6812.4058.00: seq=2 ttl=30
time=10.367 ms
--- ping statistics --3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/stddev = 10.367/11.929/15.051/2.207 ms
430
restart
List of Syntax
Syntax
restart
<adaptive-services |audit-process | auto-configuration | autoinstallation |chassis-control |
class-of-service |clksyncd-service |database-replication| dhcp-service | diameter-service
| disk-monitoring | dynamic-flow-capture | ethernet-connectivity-fault-management
|ethernet-link-fault-management |event-processing | firewall
|general-authentication-service | gracefully | immediately |interface-control |
ipsec-key-management | l2-learning | lacp |link-management |mib-process | mountd-service
|mpls-traceroute |mspd | named-service | nfsd-service | pgm | pki-service |ppp | pppoe |
redundancy-interface-process | remote-operations | routing | sampling | sdk-service
|secure-neighbor-discovery | service-deployment | services | snmp |soft |statistics-service|
subscriber-management | subscriber-management-helper | tunnel-oamd | vrrp>
restart
<autoinstallation | chassis-control | class-of-service | database-replication | dhcp |
dhcp-service | diameter-service | dot1x-protocol | ethernet-link-fault-management |
ethernet-switching | event-processing | firewall | general-authentication-service |
interface-control | kernel-replication | l2-learning | lacp | license-service | link-management
| lldpd-service | mib-process | mountd-service | multicast-snooping | pgm |
redundancy-interface-process | remote-operations | routing | secure-neighbor-discovery
| service-deployment | sflow-service | snmp | vrrp | web-management>
431
restart
<adaptive-services | ancpd-service |application-identification|audit-process |
auto-configuration |captive-portal-content-delivery |ce-l2tp-service |chassis-control |
class-of-service |clksyncd-service |database-replication| datapath-trace-service
|dhcp-service | diameter-service | disk-monitoring | dynamic-flow-capture |
ecc-error-logging | ethernet-connectivity-fault-management
|ethernet-link-fault-management |event-processing | firewall |
general-authentication-service | gracefully |iccp-service |idp-policy |immediately
|interface-control | ipsec-key-management | kernel-replication | l2-learning |l2cpd-service
|l2tp-service | l2tp-universal-edge | lacp | license-service |link-management
|local-policy-decision-function |mac-validation |mib-process | mountd-service
|mpls-traceroute |mspd | multicast-snooping |named-service | nfsd-service |
packet-triggered-subscribers |peer-selection-service | pgm | pic-services-logging |
pki-service |ppp | ppp-service |pppoe | protected-system-domain-service |
redundancy-interface-process | remote-operations |root-system-domain-service | routing
|routing <logical-system logical-system-name> | sampling | sbc-configuration-process |
sdk-service |service-deployment |services | snmp |soft |static-subscribers |statistics-service|
subscriber-management | subscriber-management-helper | tunnel-oamd | usb-control|
vrrp |web-management>
<all-members>
<gracefully | immediately | soft>
<local>
<member member-id>
restart
<adaptive-services | audit-process | chassis-control | class-of-service | dialer-services |
diameter-service | dlsw | ethernet-connectivity | event-processing | fibre-channel | firewall
| general-authentication-service | igmp-host-services | interface-control |
ipsec-key-management | isdn-signaling | l2ald | l2-learning | l2tp-service | mib-process |
named-service | network-access-service | nstrace-process | pgm | ppp | pppoe |
redundancy-interface-process | remote-operations |logical-system-name> | routing |
sampling |secure-neighbor-discovery | service-deployment | snmp | usb-control |
web-management>
<gracefully | immediately | soft>
Syntax (Routing
Matrix)
432
restart
<adaptive-services | audit-process | chassis-control | class-of-service | disk-monitoring |
dynamic-flow-capture | ecc-error-logging | event-processing | firewall | interface-control
| ipsec-key-management | kernel-replication | l2-learning | l2tp-service | lacp |
link-management | mib-process | pgm | pic-services-logging | ppp | pppoe |
redundancy-interface-process | remote-operations | routing <logical-system
logical-system-name> | sampling | service-deployment | snmp>
<all | all-lcc | lcc number>
<gracefully | immediately | soft>
restart
<adaptive-services | audit-process | chassis-control | class-of-service | dhcp-service |
diameter-service | disk-monitoring | dynamic-flow-capture | ecc-error-logging |
event-processing | firewall | interface-control | ipsec-key-management | kernel-replication
| l2-learning | l2tp-service | lacp | link-management | mib-process |pgm | pic-services-logging
| ppp | pppoe | redundancy-interface-process | remote-operations | routing <logical-system
logical-system-name> | sampling | service-deployment | snmp| statistics-service>
<all-chassis | all-lcc | lcc number | scc>
<gracefully | immediately | soft>
Release Information
Description
restart
<adaptive-services | audit-process | chassis-control | class-of-service | dhcp-service |
diameter-service | disk-monitoring | dynamic-flow-capture | ecc-error-logging |
event-processing | firewall | interface-control | ipsec-key-management | kernel-replication
| l2-learning | l2tp-service | lacp | link-management | mib-process | pgm |
pic-services-logging | ppp | pppoe | redundancy-interface-process | remote-operations |
routing <logical-system logical-system-name> | sampling | service-deployment | snmp|
statistics-service>
<all-chassis | all-lcc | all-sfc | lcc number | sfc number>
<gracefully | immediately | soft>
sfc and all-sfc for the TX Matrix Router in Junos OS Release 9.6.
Options
noneSame as gracefully.
adaptive-services(Optional) Restart the configuration management process that
manages the configuration for stateful firewall, Network Address Translation (NAT),
intrusion detection services (IDS), and IP Security (IPsec) services on the Adaptive
Services PIC.
all-chassis(TX Matrix and TX Matrix Plus routers only) (Optional) Restart the software
restart the software process on all T640 routers connected to the TX Matrix router.
433
For a TX Matrix Plus router, restart the software process on all T1600 routers
connected to the TX Matrix Plus router.
all-members(MX Series routers only) (Optional) Restart the software process for all
software processes for the TX Matrix Plus router (or switch-fabric chassis).
ancpd-service(Optional) Restart the Access Node Control Protocol (ANCP) process,
which works with a special Internet Group Management Protocol (IGMP) session to
collect outgoing interface mapping events in a scalable manner.
application-identification(Optional) Restart the process that identifies an application
using intrusion detection and prevention (IDP) to allow or deny traffic based on
applications running on standard or nonstandard ports.
audit-process(Optional) Restart the RADIUS accounting process that gathers statistical
data that can be used for general network monitoring, analyzing, and tracking usage
patterns, for billing a user based on the amount of time or type of services accessed.
auto-configuration(Optional) Restart the Interface Auto-Configuration process.
autoinstallation(EX Series switches only) (Optional) Restart the autoinstallation
process.
captive-portal-content-delivery(Optional) Restart the HTTP redirect service by specifying
the location to which a subscriber's initial Web browser session is redirected, enabling
initial provisioning and service selection for the subscriber.
ce-l2tp-service(M10, M10i, M7i, and MX Series routers only) (Optional) Restart the
Universal Edge Layer 2 Tunneling Protocol (L2TP) process, which establishes L2TP
tunnels and Point-to-Point Protocol (PPP) sessions through L2TP tunnels.
chassis-control(Optional) Restart the chassis management process.
class-of-service(Optional) Restart the class-of-service (CoS) process, which controls
434
dialer-services(EX Series switches only) (Optional) Restart the ISDN dial-out process.
diameter-service(Optional) Restart the diameter process.
disk-monitoring(Optional) Restart disk monitoring, which checks the health of the hard
(Optional) Restart the process that provides the OAM link fault management (LFM)
information for Ethernet interfaces.
ethernet-switching(EX Series switches only) (Optional) Restart the Ethernet switching
process.
event-processing(Optional) Restart the event process (eventd).
fibre-channel(QFX Series only) (Optional) Restart the Fibre Channel process.
firewall(Optional) Restart the firewall management process, which manages the
firewall configuration and enables accepting or rejecting packets that are transiting
an interface on a router or switch.
general-authentication-service(EX Series switches and MX Series routers only)
process.
idp-policy(Optional) Restart the intrusion detection and prevention (IDP) protocol
process.
immediately(Optional) Immediately restart the software process.
interface-control(Optional) Restart the interface process, which controls the router's
435
the state of the backup Routing Engine when graceful Routing Engine switchover
(GRES) is configured.
l2-learning(Optional) Restart the Layer 2 address flooding and learning process.
l2cpd-service(Optional) Restart the Layer 2 Control Protocol process, which enables
Tunneling Protocol (L2TP) process, which sets up client services for establishing
Point-to-Point Protocol (PPP) tunnels across a network and negotiating Multilink
PPP if it is implemented.
l2tp-universal-edge(MX Series routers only) (Optional) Restart the L2TP process, which
restart the software process for a specific T640 router that is connected to the TX
Matrix router. For a TX Matrix Plus router, restart the software process for a specific
router that is connected to the TX Matrix Plus router.
Replace number with the following values depending on the LCC configuration:
0 through 7, when T1600 routers are connected to a TX Matrix Plus router with 3D
SIBs in a routing matrix.
management process.
link-management (TX Matrix and TX Matrix Plus routers and EX Series switches only)
(Optional) Restart the Link Management Protocol (LMP) process, which establishes
and maintains LMP control channels.
436
lldpd-service(EX Series switches only) (Optional) Restart the Link Layer Discovery
which configures MAC address validation for subscriber interfaces created on demux
interfaces in dynamic profiles on MX Series routers.
member member-id(MX Series routers only) (Optional) Restart the software process
for a specific member of the Virtual Chassis configuration. Replace member-id with
a value of 0 or 1.
mib-process(Optional) Restart the Management Information Base (MIB) version II
the multicast snooping process, which makes Layer 2 devices, such as VLAN switches,
aware of Layer 3 information, such as the media access control (MAC) addresses
of members of a multicast group.
named-service(Optional) Restart the DNS Server process, which is used by a router or
policy control (PTSP) process, which allows the application of policies to dynamic
subscribers that are controlled by a subscriber termination device.
peer-selection-service(Optional) Restart the Peer Selection Service process.
pgm(Optional) Restart the process that implements the Pragmatic General Multicast
437
pic-services-logging(Optional) Restart the logging process for some PICs. With this
process, also known as fsad (the file system access daemon), PICs send special
logging information to the Routing Engine for archiving on the hard disk.
pki-service(Optional) Restart the PKI Service process.
ppp(Optional) Restart the Point-to-Point Protocol (PPP) process, which is the
which combines PPP that typically runs over broadband connections with the
Ethernet link-layer protocol that allows users to connect to a network of hosts over
a bridge or access concentrator.
protected-system-domain-service(Optional) Restart the Protected System Domain
(PSD) process.
redundancy-interface-process(Optional) Restart the ASP redundancy process.
remote-operations(Optional) Restart the remote operations process, which provides
process, which controls the routing protocols that run on the router or switch and
maintains the routing tables. Optionally, restart the routing protocol process for the
specified logical system only.
sampling(Optional) Restart the sampling process, which performs packet sampling
based on particular input interfaces and various fields in the packet header.
sbc-configuration-process(Optional) Restart the session border controller (SBC) process
Engine and is responsible for communications between the SDK application and
Junos OS. Although the SDK Service process is present on the router, it is turned off
by default.
secure-neighbor-discovery(QFX Series, EX Series switches, and MX Series routers only)
(Optional) Restart the secure Neighbor Discovery Protocol (NDP) process, which
provides support for protecting NDP messages.
438
sfc number(TX Matrix Plus routers only) (Optional) Restart the software process on
the TX Matrix Plus router (or switch-fabric chassis). Replace number with 0.
service-deployment(Optional) Restart the service deployment process, which enables
Junos OS to work with the Session and Resource Control (SRC) software.
services(Optional) Restart a service.
sflow-service(EX Series switches only) (Optional) Restart the flow sampling (sFlow
technology) process.
snmp(Optional) Restart the SNMP process, which enables the monitoring of network
devices from a central location and provides the router's or switchs SNMP master
agent.
soft(Optional) Reread and reactivate the configuration without completely restarting
the software processes. For example, BGP peers stay up and the routing table stays
constant. Omitting this option results in a graceful restart of the software process.
static-subscribers(Optional) Restart the static subscribers process, which associates
Engine statistics.
subscriber-management(Optional) Restart the Subscriber Management process.
subscriber-management-helper(Optional) Restart the Subscriber Management Helper
process.
tunnel-oamd(Optional) Restart the Tunnel OAM process, which enables the Operations,
Restart the Virtual Router Redundancy Protocol (VRRP) process, which enables
hosts on a LAN to make use of redundant routing platforms on that LAN without
requiring more than the static configuration of a single default route on the hosts.
web-management(QFX Series, EX Series switches, and MX Series routers only)
reset
439
Sample Output
restart interfaces
user@host> restart interfaces
interfaces process terminated
interfaces process restarted
440
Syntax
Release Information
Description
Options
neighbor address.
client rsvp-oam
(brief | detail | extensive | summary)
| vpls-oam
(brief | detail | extensive | instance instance-name | summary)(Optional) Display
441
prefix address(Optional) Display information about all of the BFD sessions for the
Output Fields
view
Understanding BFD for Static Routes for Faster Network Failure Detection
Example: Configuring BFD for Static Routes for Faster Network Failure Detection
Field Description
Level of Output
Address
none
State
none
Interface
none
Detect Time
none
442
Field Description
Level of Output
Transmit Interval
Time interval, in seconds, used by the transmitting system to send BFD control
packets.
Multiplier
detail extensive
Session up time
detail extensive
Client
Protocol for which the BFD session is active: ISIS, OSPF, DHCP, or Static.
detail extensive
TX interval
Time interval, in seconds, used by the host system to transmit BFD control
packets.
Authenticate
detail extensive
keychain
extensive
RX interval
none
none
none
extensive
extensive
detail extensive
Remote diagnostic
detail extensive
Remote state
Reports whether the remote system's BFD packets have been received and
whether the remote system is receiving transmitted control packets.
detail extensive
Version
BFD version: 0 or 1.
extensive
443
Field Description
Level of Output
Replicated
The replicated flag appears when nonstop routing or graceful Routing Engine
switchover is configured and the BFD session has been replicated to the backup
Routing Engine.
detail extensive
extensive
extensive
Adaptive async TX
interval
extensive
RX interval
extensive
Local min TX
interval
extensive
Local min RX
interval
extensive
Remote min TX
interval
extensive
Remote min TX
interval
extensive
Threshold
transmission
interval
extensive
Threshold for
detection time
extensive
Local discriminator
Authentication code used by the local system to identify that BFD session.
extensive
Remote
discriminator
Authentication code used by the remote system to identify that BFD session.
extensive
Echo mode
extensive
Prefix
All levels
Egress, Destination
Displays the LDP FEC destination address. This field is displayed only on a router
at the egress of an LDP FEC, where the BFD session has an LDP Operation,
Administration, and Maintenance (OAM) client.
All levels
444
Field Description
Level of Output
Remote is
control-plane
independent
The BFD session on the remote peer is running on its Packet Forwarding Engine.
In this case, when the remote node undergoes a graceful restart, the local peer
can help the remote peer with the graceful restart.
extensive
The following BFD sessions are not distributed to the Packet Forwarding Engine:
tunnel-encapsulated sessions, and sessions over integrated routing and bridging
(IRB) interfaces.
Authentication
extensive
only occurs when the remote end of the session does not support
authentication and loose checking is configured.
The BFD session ID number that represents the protection using MPLS fast
reroute (FRR) and loop-free alternate (LFA).
detail extensive
sessions
All levels
clients
All levels
Cumulative
transmit rate
All levels
Cumulative receive
rate
Total number of BFD control packets received per second on all active sessions.
All levels
Multi-hop,
min-recv-TTL
Minimum time to live (TTL) accepted if the session is configured for multihop.
extensive
route table
extensive
local address
Local address of the source used if the session is configured for multihop.
extensive
The source IP address for outgoing BFD packets from the egress side of an
MPLS BFD session is based on the outgoing interface IP address.
445
Sample Output
show bfd session
user@host> show bfd session
Address
10.9.1.33
10.9.1.29
State
Up
Up
Interface
so-7/1/0.0
ge-4/0/0.0
Detect Time
0.600
0.600
Transmit
Interval
0.200
0.200
Multiplier
3
3
2 sessions, 2 clients
Cumulative transmit rate 10.0 pps, cumulative receive rate 10.0 pps
446
1 sessions, 1 clients
Cumulative transmit rate 2.5 pps, cumulative receive rate 2.5 pps
State
192.168.0.223
Up
Detect
Transmit
Time
Interval
Interface
540.000
180.000
Multiplier
3
Up
ae9.0
3.000
1.000
Multiplier
3
State
Up
Detect
Transmit
Time
Interval
0.030
0.010
Interface
ge-2/1/8.0
Multiplier
3
447
Client OSPF realm ospf-v2 Area 0.0.0.0, TX interval 0.010, RX interval 0.010
Session up time 00:10:13
Local diagnostic None, remote diagnostic None
Remote state Up, version 1
Replicated
Min async interval 0.010, min slow interval 1.000
Adaptive async TX interval 0.010, RX interval 0.010
Local min TX interval 0.010, minimum RX interval 0.010, multiplier 3
Remote min TX interval 0.010, min RX interval 0.010, multiplier 3
Local discriminator 12, remote discriminator 4
Echo mode disabled/inactive
Remote is control-plane independent
Session ID: 0x201
Micro-BFD Session
Detect
Transmit
Address
State
Interface
Time
Interval Multiplier
10.31.2.2
Up
ge-2/1/4.0
0.030
0.010
3
Client OSPF realm ospf-v2 Area 0.0.0.0, TX interval 0.010, RX interval 0.010
Session up time 00:10:14
Local diagnostic None, remote diagnostic NbrSignal
Remote state Up, version 1
Replicated
Min async interval 0.010, min slow interval 1.000
Adaptive async TX interval 0.010, RX interval 0.010
Local min TX interval 0.010, minimum RX interval 0.010, multiplier 3
Remote min TX interval 0.010, min RX interval 0.010, multiplier 3
Local discriminator 13, remote discriminator 5
Echo mode disabled/inactive
Remote is control-plane independent
Session ID: 0x202
2 sessions, 2 clients
Cumulative transmit rate 200.0 pps, cumulative receive rate 200.0 pps
1 sessions, 1 clients
Cumulative transmit rate 1.2 pps, cumulative receive rate 1.2 pps
448
2 sessions, 2 clients
Cumulative transmit rate 10.0 pps, cumulative receive rate 10.0 pps
449
Syntax
Release Information
Description
Options
intermediate system.
brief | detail | extensive(Optional) Display standard information about IS-IS neighbors
Output Fields
450
view
Field Description
Level of Output
Interface
All levels
System
brief
L or Level
Level:
All levels
1Level 1 only
2Level 2 only
An exclamation point (!) preceding the level number indicates that the adjacency
is missing an IP address.
State
All levels
Hold (secs)
brief
SNPA
brief
Expires in
detail
Priority
detail extensive
Up/Down
transitions
detail
Last transition
detail
Circuit type
Bit mask of levels on this interface: 1=Level 1 router; 2=Level 2 router; 3=both
Level 1 and Level 2 router.
detail
Speaks
detail extensive
MAC address
detail extensive
Topologies
Supported topologies.
detail extensive
Restart capable
detail extensive
Adjacency
advertisement:
Advertise
This routing device has signaled to advertise this interface to its neighbors in
their link-state PDUs.
detail extensive
Adjacency
advertisement:
Suppress
This neighbor has signaled not to advertise the interface in the routing device's
outbound link-state PDUs.
detail extensive
IP addresses
detail extensive
451
Field Description
Level of Output
Transition log
extensive
ErrorAdjacency error.
UnknownUnknown.
Sample Output
show isis adjacency
user@host> show isis adjacency
Interface
System
at-2/3/0.0
ranier
L State
3 Up
452
453
Release Information
Description
Command introduced in Junos OS Release 15.1 for the MX Series and PTX Series.
Display holddown status and time when IS-IS adjacencies are being formed. Adjacency
holddown process takes place on an IS-IS level basis. When adjacency holdown is
enabled, IS-IS adjacencies are formed sequentially. There is a holddown time between
each adjacency and the process is completed when all IS-IS adjacencies are formed.
This holddown time might cause network instability.
This command is useful to verify whether the adjacency holddown is enabled and
facilitates troubleshooting when there are adjacency issues due to IS-IS adjacency
holddown .
Options
noneDisplay standard overview information about IS-IS adjacency holddown for all
routing instances.
brief | detail | extensive(Optional) Display standard information about IS-IS adjacency
454
view
Field
Level
Field Description
status
1Level 1 information
2Level 2 information
when
Event
reason
Sample Output
show isis adjacency holddown
user@host> show isis adjacency holddown
Level
status
1
active
2
active
455
456
Syntax
Description
Options
instance.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
Output Fields
view
Field Description
Interface
Interface name.
Level
IS-IS level.
457
Field Description
IIH Auth
CSN Auth
PSN Auth
L1 LSP
Authentication
L2 LSP
Authentication
Sample Output
show isis authentication
user@host> show isis authentication
Interface
Level IIH Auth
at-2/3/0.0
1
Simple
2
MD5
CSN Auth
Simple
MD5
PSN Auth
Simple
MD5
PSN Auth
MD5
458
Description
Options
view
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
Field Description
Topology
Level
IS-IS level:
Node
1Level 1
2Level 2
459
Field Description
IPv4
IPv6
CLNS
Sample Output
show isis backup coverage
user@host> show isis backup coverage
Backup Coverage:
Topology
Level
Node
IPV4 Unicast
2 28.57%
IPV6 Unicast
2
0.00%
460
IPv4
22.22%
0.00%
IPv6
0.00%
0.00%
CLNS
0.00%
0.00%
Description
Options
routes.
logical-system (all | logical-system-name(Optional) Perform this operation on all logical
view
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
Field Description
Egress
461
Field Description
Status
UpThe routing device can detect RSVP hello messages from the neighbor.
Change in the sequence numbers in the RSVP hello messages sent by the neighbor.
Last change
Time elapsed since the neighbor state changed either from up to down or from down to up. The format
is hh:mm:ss.
TE-metric
Metric
Configured metric.
Sample Output
show isis backup label-switched-path
user@host> show isis backup label-switched-path
Backup MPLS LSPs:
f-to-g, Egress: 192.168.1.4, Status: up, Last change: 06:12:03
TE-metric: 9, Metric: 0
462
show backup-selection
Syntax
Release Information
Description
Options
show backup-selection
<instance instance-name>
<interface interface-name>
<logical-system logical-system-name>
<prefix prefix>
Required Privilege
Level
List of Sample Output
Output Fields
view
Field Description
Prefix
Destination prefix .
Interface
all All the interfaces on the router which requires backup path.
admin-group exclude
Specifies the administrative groups to be excluded. The backup path is not selected as the
loop free alternative or backup next hop if any of the links in the path have any one of the listed
administrative groups.
admin-group include-all
Requires each link in the backup path to have all the listed administrative groups in order to
accept the path.
463
Field Description
admin-group include-any
Requires each link in the backup path to have at least one of the listed administrative groups
in order to select the path.
admin-group preference
Defines an ordered set of administrative groups that specifies the preference of the backup
path. The leftmost element in the set is given the highest preference.
nodes excluded
Specifies the list of nodes to be excluded. The backup path that has a router from the list is
not selected as the loop free alternative or backup next hop.
nodes preference
Defines an ordered set of nodes to be preferred. The backup path having the leftmost node
is selected.
node-tags excluded
Specifies the backup selection to exclude the set of route tags in the backup path selection.
node-tags preference
protection-type
node-link Allows either node or link protection LFA where node-protection LFA is preferred
over link-protection LFA.
srlg
Evaluates common srlgs between the primary link and each link in the backup path.
strict Rejects the backup path that has common srlgs between the primary link and any
link in the backup path.
loose Allows the backup path that has common srlgs between the primary link and any
link in the backup path. The backup path with the fewer number of srlg collisions is preferred.
Uses backup next hop only if the bandwidth is greater than or equal to the primary next hop.
root-metric
Metric to one-hop node or remote router such as an RSVP backup label switched path (LSP)
tail-end router.
dest-metric
Metric from one-hop node or remote router such as an RSVP backup label switched path
(LSP) tail-end router to the final destination.
Defines the evaluation order of the metric (root and dest metrics) results.
Sample Output
show backup-selection
user@host> show backup-selection
464
Prefix: 0.0.0.0/0
Interface: all
Admin-group exclude: c6
Admin-group include-all: c1 c2
Admin-group include-any: c3 c4
Admin-group preference: c8
Nodes excluded: 100.0.7.2
Node preference: 100.2.6.2
Node-tags excluded: 1004
Node-tag preference: 1007
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Root-metric, Dest-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Node,
Node-Tag, Metric
Interface: ge-1/2/5.0
Admin-group include-all: c1
Admin-group include-any: c2
Admin-group preference: c4
Nodes excluded: 10.218.32.0
Node preference: 10.92.8.0
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Root-metric, Dest-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection
Prefix: 10.150.0.0/16
Interface: all
Admin-group include-all: c1
Admin-group include-any: c2
Admin-group preference: c5
Nodes excluded: 10.218.32.0
Node preference: 10.92.8.0
Node-tags excluded: 1004
Node-tag preference: 1007
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Loose, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth
Prefix: ::/0
Interface: all
Admin-group exclude: c2
Admin-group include-all: c1 c3
Admin-group include-any: c4 c5
Admin-group preference: c6
Node preference: 100.0.1.2
Protection Type: Link, Downstream Paths Only: Disabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth
465
466
Interface: all
Protection Type: Link, Downstream Paths Only: Disabled, SRLG: Loose, B/w >=
Primary: Disabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
----logical-system: R3
Policy Evaluation Order: Admin-group, SRLG, Bandwidth
Prefix: 0.0.0.0/0
Interface: all
Admin-group include-all: c1
Admin-group include-any: c2
Admin-group preference: c3
Node preference: 10.255.102.178
Node-tag preference: 1004
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Loose, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth
Prefix: 100.0.1.0/24
Interface: all
Protection Type: Link, Downstream Paths Only: Disabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Node,
Metric, Node-Tag
Prefix: 100.0.7.0/24
Interface: all
Protection Type: Link, Downstream Paths Only: Disabled, SRLG: Strict, B/w >=
Primary: Disabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
----logical-system: R7
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Node,
Metric, Node-Tag
Prefix: 0.0.0.0/0
Interface: all
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
----logical-system: R2
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Node,
Metric, Node-Tag
Prefix: 0.0.0.0/0
Interface: all
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Strict, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
----logical-system: R6
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Node,
Metric, Node-Tag
Prefix: 0.0.0.0/0
Interface: all
Protection Type: Link, Downstream Paths Only: Enabled, SRLG: Loose, B/w >=
Primary: Enabled, Root-metric: lowest, Dest-metric: lowest
Metric Evaluation Order: Dest-metric, Root-metric
467
----logical-system: default
Policy Evaluation Order: Admin-group, SRLG, Bandwidth, Protection, Node,
Metric, Node-Tag
468
469
Release Information
Description
Options
destination nodes.
instance instance-name(Optional) Display SPF calculations for backup paths for the
IS-IS level.
logical-system logical-system-name(Optional) Display SPF calculations for the backup
backup coverage.
topology (ipv4-multicast | ipv6-multicast | ipv6-unicast | unicast)(Optional) Display
SPF calculations for backup paths for the specified topology only.
Required Privilege
Level
Related
Documentation
Output Fields
470
view
Example: Configuring Node-Link Protection for IS-IS Routes in a Layer 3 VPN on page 163
Field Description
node-name
Address
Primary next-hop
Interface and name of the node of the primary next hop to reach the
destination.
Root
Metric
Eligible
Backup next-hop
SNPA
LSP
Not eligible
Reason
Sample Output
show isis backup spf results
user@host> show isis backup spf results
D.00
Primary next-hop: fe-1/0/0.0, IPV4, R2.00, SNPA: 0:12:1e:cb:cc:dc
Primary next-hop: fe-1/0/0.0, IPV6, R2.00, SNPA: 0:12:1e:cb:cc:dc
Root: R2 via Direct, Root Metric: 1, Metric: 1, Root Preference: 0x0
Not eligible, IPV4, Reason: Primary next-hop link fate sharing
Not eligible, IPV6, Reason: Primary next-hop link fate sharing
Root: S via Direct, Root Metric: 1, Metric: 3, Root Preference: 0x0
track-item: R1.00-00
Not eligible, IPV4, Reason: Path loops
Not eligible, IPV6, Reason: Path loops
Root: R4 via LDP, Root Metric: 3, Metric: 1, Root Preference: 0x0
Eligible, IPV4, Protection-Type: Node Protect, Downstream Path
Backup next-hop: fe-1/2/0.0, LSP LDP->R4(192.168.1.4)
Eligible, IPV6, Protection-Type: Node Protect, Downstream Path
Backup next-hop: fe-1/2/0.0, LSP LDP->R4(192.168.1.4)
Root: R3 via LDP, Root Metric: 2, Metric: 2, Root Preference: 0x0
Eligible, IPV4, Protection-Type: Node Protect, Downstream Path, Active
Backup next-hop: fe-1/2/0.0, LSP LDP->R3(192.168.1.3)
471
472
Release Information
Description
Options
View
Table 19 on page 473 lists the output fields for the show isis context-identifier command.
Output fields are listed in the approximate order in which they appear.
Field Description
Level of Output
Context
detail
Owner
detail
Role
detail
Primary
detail
Metric
detail
Sample Output
user@host> show isis context-identifier detail
IS-IS context database:
Context
Owner
Role
Primary
Metric
2.2.4.3
MPLS
Primary
pro3-e
1
Advertiser pro3-e, Router ID 10.255.245.198, Metric 1, Level 1
Advertiser pro3-e, Router ID 10.255.245.198, Metric 1, Level 2
Advertiser pro3-c, Router ID 10.255.245.196, Metric 11, Level 2
473
474
Syntax
Release Information
Description
Options
instances.
system id(Optional) Display IS-IS link-state database entries for the specified
intermediate system.
brief | detail | extensive(Optional) Display the specified level of output.
instance instance-name(Optional) Display IS-IS link-state database entries for the
level.
logical-system (all | logical-system-name)(Optional) Display standard information
about IS-IS link-state database entries for all logical systems or for a particular
logical system.
Required Privilege
Level
Related
Documentation
List of Sample Output
view
475
Table 20 on page 476 describes the output fields for the show isis database command.
Output fields are listed in the approximate order in which they appear. Fields that contain
internal IS-IS information useful only in troubleshooting obscure problems are not
described in the table. For more details about these fields, contact your customer support
representative.
Field Description
Level of Output
Interface name
Name of the interface on which the link-state PDU has been received; always
IS-IS for this command.
All levels
level
All levels
LSP ID
All levels
Sequence
All levels
Checksum
All levels
Lifetime (secs)
All levels
Attributes
Attributes of the specified database: L1, L2, Overload, or Attached (L1 only).
none brief
# LSPs
none brief
IP prefix
detail extensive
IS neighbor
detail extensive
IP prefix
detail extensive
V6 prefix
detail extensive
Metric
detail extensive
Header
extensive
LengthHeader length.
476
Field Description
Level of Output
Packet
extensive
LengthPacket length.
TLVs
AttributesPacket attributes.
IP addressIPv4 address.
MetricIS-IS metric that measures the cost of the adjacency between the
extensive
Sample Output
show isis database
user@host> show isis database
IS-IS level 1 link-state database:
LSP ID
Sequence Checksum Lifetime Attributes
kobuk.00-00
0x3
0x3167
1057 L1 L2
camaro.00-00
0x5
0x770e
1091 L1 L2
ranier.00-00
0x4
0xaa95
1091 L1 L2
glacier.00-00
0x4
0x206f
1089 L1 L2
glacier.02-00
0x1
0xd141
1089 L1 L2
badlands.00-00
0x3
0x87a2
1093 L1 L2
6 LSPs
IS-IS level 2 link-state database:
LSP ID
Sequence Checksum Lifetime Attributes
kobuk.00-00
0x6
0x8d6b
1096 L1 L2
camaro.00-00
0x9
0x877b
1101 L1 L2
ranier.00-00
0x8
0x855d
1103 L1 L2
glacier.00-00
0x7
0xf892
1098 L1 L2
glacier.02-00
0x1
0xd141
1089 L1 L2
badlands.00-00
0x6
0x562
1105 L1 L2
6 LSPs
477
Down
Down
Down
Up
Down
Down
Down
Down
Up
Down
Down
Down
Up
Down
Down
Down
Down
Up
Up
Down
Down
Down
Down
Up
478
IP prefix: 192.168.0.1/32
Metric:
0 Internal Up
secs
10
Router-B.02-00
10
Router-E.02-00
Internal Up
Internal Up
Internal Up
479
IP
IP
IS
IS
IS
480
secs
10
Router-C.02-00
10
Router-D.03-00
Internal Up
Internal Up
Internal Up
481
IP address: 10.0.0.13
Local interface index: 106, Remote interface index: 0
No queued transmissions
Router-C.02-00 Sequence: 0x1, Checksum: 0xaa09, Lifetime: 1181 secs
IS neighbor: Router-B.00
Metric:
0
Two-way fragment: Router-B.00-00, Two-way first fragment: Router-B.00-00
IS neighbor: Router-C.00
Metric:
0
Two-way fragment: Router-C.00-00, Two-way first fragment: Router-C.00-00
Header: LSP ID: Router-C.02-00, Length: 76 bytes
Allocated length: 284 bytes, Router ID: 0.0.0.0
Remaining lifetime: 1181 secs, Level: 2, Interface: 102
Estimated free bytes: 208, Actual free bytes: 208
Aging timer expires in: 1181 secs
Packet: LSP ID: Router-C.02-00, Length: 76 bytes, Lifetime : 1194 secs
Checksum: 0xaa09, Sequence: 0x1, Attributes: 0x3 <L1 L2>
NLPID: 0x83, Fixed length: 27 bytes, Version: 1, Sysid length: 0 bytes
Packet type: 20, Packet version: 1, Max area: 0
TLVs:
IS neighbor: Router-C.00, Internal, Metric: default 0
IS neighbor: Router-B.00, Internal, Metric: default 0
IS extended neighbor: Router-C.00, Metric: default 0
IS extended neighbor: Router-B.00, Metric: default 0
No queued transmissions
Router-D.00-00 Sequence: 0x4, Checksum: 0x8ab7, Lifetime: 1180
IS neighbor: Router-D.02
Metric:
Two-way fragment: Router-D.02-00, Two-way first fragment:
IS neighbor: Router-D.03
Metric:
Two-way fragment: Router-D.03-00, Two-way first fragment:
IP prefix: 10.0.0.12/30
Metric:
10
IP prefix: 10.0.0.20/30
Metric:
10
IP prefix: 192.168.0.4/32
Metric:
0
secs
10
Router-D.02-00
10
Router-D.03-00
Internal Up
Internal Up
Internal Up
482
IP
IP
IS
IS
IS
483
IS neighbor: Router-E.02
Metric:
Two-way fragment: Router-E.02-00, Two-way first fragment:
IS neighbor: Router-F.02
Metric:
Two-way fragment: Router-F.02-00, Two-way first fragment:
IP prefix: 10.0.0.0/30
Metric:
10
IP prefix: 10.0.0.16/30
Metric:
20
IP prefix: 192.168.0.5/32
Metric:
0
10
Router-E.02-00
20
Router-F.02-00
Internal Up
Internal Up
Internal Up
484
TLVs:
IS neighbor: Router-E.00, Internal, Metric: default 0
IS neighbor: Router-A.00, Internal, Metric: default 0
IS extended neighbor: Router-E.00, Metric: default 0
IS extended neighbor: Router-A.00, Metric: default 0
No queued transmissions
Router-F.00-00 Sequence: 0x5, Checksum: 0x94bd, Lifetime: 1153
IS neighbor: Router-D.02
Metric:
Two-way fragment: Router-D.02-00, Two-way first fragment:
IS neighbor: Router-F.02
Metric:
Two-way fragment: Router-F.02-00, Two-way first fragment:
IP prefix: 10.0.0.16/30
Metric:
10
IP prefix: 10.0.0.20/30
Metric:
10
IP prefix: 192.168.0.6/32
Metric:
0
secs
10
Router-D.02-00
10
Router-F.02-00
Internal Up
Internal Up
Internal Up
485
486
Syntax
Description
Options
view
Field Description
System Id
Hostname
Type
487
Sample Output
show isis hostname
user@host> show isis hostname
IS-IS hostname database:
System Id
Hostname
1921.6800.4201 isis1
1921.6800.4202 isis2
1921.6800.4203 isis3
488
Type
Dynamic
Static
Dynamic
Syntax
Description
NOTE: If the configured metric for an IS-IS level is above 63, and the
wide-metrics-only statement is not configured, the show isis interface detail
command and the show isis interface extensive command display 63 as the
metric value for that level. Configure the wide-metrics-only statement to
generate metric values greater than 63 on a per IS-IS level basis.
The show isis interface command displays the configured metric value for an
IS-IS level irrespective of whether is configured or not.
Options
view
Example: Enabling Wide IS-IS Metrics for Traffic Engineering on page 213
489
Table 22 on page 490 describes the output fields for the show isis interface command.
Output fields are listed in the approximate order in which they appear.
Field Description
Level of Output
interface-name
detail
Designated router
Routing device selected by other routers that is responsible for sending link-state
advertisements that describe the network. Used only on broadcast networks.
detail
Index
detail
State
detail
Circuit id
Circuit identifier.
detail
NOTE: Each IS-IS interface is assigned a circuit ID value to identify the interface
within the linkstate database. All interfaces (loopback, broadcast, and so on)
and all point-to-point links share the locally significant value of 0x01, and this
value is not incremented.
Circuit type
Circuit type:
1Level 1 only
2Level 2 only
detail
LSP interval
detail
CSNP interval
Interval between complete sequence number PDUs sent from the interface.
detail extensive
Sysid
System identifier.
detail
Interface
none brief
L or Level
Level:
All levels
1Level 1 only
2Level 2 only
NOTE: The default IS-IS level on loopback interfaces are always same as the
IS-IS level configured on other IS-IS interfaces in a router. You can also configure
IS-IS level on loopback interfaces per your requirement.
CirID
Circuit identifier.
none brief
Level 1 DR
none brief
Level 2 DR
none brief
490
Field Description
Level of Output
L1/L2 Metric
Interface's metric for Level 1 and Level 2. If there is no information, the metric
is 0.
none brief
Adjacency
advertisement:
Advertise
This routing device has signaled to advertise this interface to its neighbors in
their label-switched paths (LSPs).
detail extensive
Adjacency
advertisement:
Suppress
This neighbor has signaled not to advertise this interface in the routing devices
outbound LSPs.
detail extensive
Adjacencies
detail
Priority
detail
Metric
detail
Hello(s) / Hello
Interval
detail extensive
detail extensive
Designated Router
detail
Hello padding
extensive
the initial detection of a new neighbor until the neighbor verifies the adjacency
as Up in the adjacency state TLV. If the neighbor does not support the
adjacency state TLV, then padding continues. On LAN connections, padding
starts from the initial detection of a new neighbor until there is at least one
active adjacency on the interface.
extensive
reason
extensive
config holdtime
extensive
remaining
If the state is not in sync and the hold time is not infinity, then this field displays
the remaining hold time in seconds.
extensive
491
Sample Output
show isis interface
user@host> show isis interface
IS-IS interface database:
Interface
L CirID Level 1 DR
at-2/3/0.0
3
0x1 Point to Point
lo0.0
3
0x1 Passive
Level 2 DR
Point to Point
Passive
L1/L2 Metric
10/10
0/0
492
Description
Options
instance.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
view
Field Description
Hostname
Sysid
Areaid
Instance
Router ID
Adjacency holddown
Maximum Areas
493
Field Description
SPF delay
SPF holddown
Delay before performing additional SPF calculations after the maximum number of consecutive SPF
calculations is reached.
Maximum number of SPF calculations that can be performed in succession before the holddown timer
begins.
Overload timeout
Time period after which overload is reset and the time that remains before the timer is set to expire.
Traffic engineering
Restart
Restart duration
Helper mode
Level
IS-IS level:
1Level 1 information
2Level 2 information
IPv4 is enabled
IPv6 is enabled
Internal route
preference
External route
preference
494
Field Description
Adjacency holddown is
active
IS-IS adjacencies come up one after another when adjacency holddown is enabled.
Sample Output
show isis overview
user@host> show isis overview
Instance: master
Router ID: 10.255.107.183
Hostname: pro-bng3-a
Sysid: 0192.0168.0001
Areaid: 49.0002
Adjacency holddown: enabled
Maximum Areas: 3
LSP life time: 1200
Attached bit evaluation: enabled
SPF delay: 200 msec, SPF holddown: 5000 msec, SPF rapid runs: 3
IPv4 is enabled, IPv6 is enabled
Traffic engineering: enabled
Restart: Disabled
Helper mode: Enabled
Level 1
Internal route preference: 15
External route preference: 160
Wide metrics are enabled, Narrow metrics are enabled
Adjacency holddown is active
Level 2
Internal route preference: 18
External route preference: 165
Prefix export limit: 5, Prefix export count: 5
Wide metrics are enabled
Adjacency holddown is active
user@host> show isis overview logical-system R2
Instance: master
Router ID: 192.168.0.2
Hostname: pro-bng3-a-R2
Sysid: 0192.0168.0002
Areaid: 49.0002
Adjacency holddown: enabled
Maximum Areas: 3
LSP life time: 1200
Attached bit evaluation: enabled
SPF delay: 200 msec, SPF holddown: 5000 msec, SPF rapid runs: 3
IPv4 is enabled, IPv6 is enabled
Traffic engineering: enabled
Restart: Disabled
Helper mode: Enabled
Level 1
Internal route preference: 15
External route preference: 160
495
496
Syntax
Release Information
Description
Options
routes for the specified topology only, or use unicast to display information, if
available, for both IPv4 and IPv6 unicast topologies.
Required Privilege
Level
List of Sample Output
Output Fields
view
497
Field Description
Current version
L1
L2
Prefix
IS-IS level:
1Level 1 only
2Level 2 only
Version
Metric
Type
Interface
Via
ISO Routes
snpa
MAC address.
Sample Output
show isis route logical-system
user@host> show isis route logical-system ls1
IS-IS routing table
Current version: L1: 8 L2: 11
Prefix
L Version Metric Type Interface
Via
10.9.7.0/30
2
11
20 int gr-0/2/0.0
h
10.9.201.1/32
2
11
60 int gr-0/2/0.0
h
IPV6 Unicast IS-IS routing table
Current version: L1: 9 L2: 11
Prefix
L Version Metric Type Interface
Via
8009:3::a09:3200/126 2
11
20 int gr-0/2/0.0 h
498
0/0
1
10
10 int fe-0/0/1.0
isis.0 0:12:0:34:0:56
47.0005.80ff.f800.0000.0108.0001/104
1
10
0 int
47.0005.80ff.f800.0000.0108.0001.1921.6800.4001/152
1
10
10 int fe-0/0/1.0 isis.0 0:12:0:34:0:56
47.0005.80ff.f800.0000.0108.0001.1921.6800.4002/152
1
10
20 int fe-0/0/1.0 isis.0 0:12:0:34:0:56
47.0005.80ff.f800.0000.0108.0002/104
1
10
0 int
47.0005.80ff.f800.0000.0108.0002.1921.6800.4001/152
1
10
10 int fe-0/0/1.0 isis.0 0:12:0:34:0:56
L
2
Version
13
10.255.71.238/32
13
10.255.71.239/32
13
20
int
int
NH
Via
IPV4 camaro
so-6/0/0.0
IPV4 olympic
as0.0
IPV4 glacier
so-6/0/0.0
IPV4 olympic
ae0.0
IPV4 camaro
10.255.71.242/32
13
10
int
as0.0
IPV4 glacier
10.255.71.243/32
13
10
int
so-6/0/0.0
IPV4 olympic
12.13.0.0/30
13
20
int
so-6/0/0.0
IPV4 olympic
12.15.0.0/30
13
20
int
so-6/0/0.0
IPV4 olympic
13.15.0.0/30
13
30
int
ae0.0
IPV4 camaro
so-6/0/0.0
IPV4 olympic
as0.0
IPV4 glacier
13.16.0.0/30
13
25
int
as0.0
IPV4 glacier
14.15.0.0/30
13
20
int
ae0.0
IPV4 camaro
192.2.1.0/30
13
30
int
so-6/0/0.0
IPV4 olympic
as0.0
IPV4 glacier
so-6/0/0.0
IPV6 olympic
as0.0
IPV6 glacier
1eee::/64
13
30
int
abcd::10:255:71:52/128
13
10
int
ae0.0
IPV6 camaro
abcd::10:255:71:238/128
13
20
int
so-6/0/0.0
IPV6 olympic
499
abcd::10:255:71:239/128
500
13
20
int
as0.0
IPV6 glacier
so-6/0/0.0
IPV6 olympic
ae0.0
IPV6 camaro
abcd::10:255:71:242/128
13
10
int
as0.0
IPV6 glacier
abcd::10:255:71:243/128
13
10
int
so-6/0/0.0
IPV6 olympic
Syntax
Release Information
Description
Options
routing instance.
level (1 | 2)(Optional) Display SPF calculations for the specified IS-IS level.
logDisplay the log of SPF calculations.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
Output Fields
view
Field Description
Node
System ID of a node.
501
Field Description
Metric
Interface
Via
SNPA
Start time
Elapsed (secs)
Count
Reason
(log option only) Reason that the SPF computation was completed.
Sample Output
show isis spf log
user@host> show isis spf log logical-system lsl
IS-IS level 1 SPF log:
Start time
Elapsed (secs) Count
Fri Oct 31 12:41:18
0.000069
1
Fri Oct 31 12:41:18
0.000107
3
Fri Oct 31 12:41:18
0.000050
3
Fri Oct 31 12:41:23
0.000033
1
Fri Oct 31 12:41:28
0.000178
5
Fri Oct 31 12:41:59
0.000060
1
Fri Oct 31 12:42:30
0.000161
2
Fri Oct 31 12:56:58
0.000198
1
Fri Oct 31 13:10:29
0.000209
1
IS-IS level 2 SPF log:
Start time
Elapsed (secs) Count
Fri Oct 31 12:41:18
0.000035
1
Fri Oct 31 12:41:18
0.000047
2
Fri Oct 31 12:41:18
0.000043
5
Fri Oct 31 12:41:23
0.000022
1
Fri Oct 31 12:41:59
0.000144
3
Fri Oct 31 12:42:30
0.000257
3
Fri Oct 31 12:54:37
0.000195
1
Fri Oct 31 12:55:50
0.000178
1
Fri Oct 31 12:55:55
0.000174
1
Fri Oct 31 12:55:58
0.000176
1
Fri Oct 31 13:08:14
0.000198
1
IPV6 Unicast IS-IS level 1 SPF log:
Reason
Reconfig
Updated LSP fix.00-00
Address change on so-1/2/2.0
Updated LSP fix.00-00
New adjacency scat on ge-1/1/0.0
Updated LSP fix.00-00
Multi area attachment change
Periodic SPF
Periodic SPF
Reason
Reconfig
Updated LSP fix.00-00
Address change on gr-0/2/0.0
Updated LSP fix.00-00
New adjacency h on gr-0/2/0.0
New LSP skag.00-00
Periodic SPF
Updated LSP fix.00-00
Updated LSP h.00-00
Updated LSP skag.00-00
Periodic SPF
Start time
Elapsed (secs) Count Reason
Fri Oct 31 12:41:18
0.000028
1 Reconfig
Fri Oct 31 12:41:18
0.000043
3 Updated LSP fix.00-00
502
12:41:18
12:41:18
12:41:18
12:41:23
12:41:25
12:41:59
12:42:30
12:55:50
12:55:55
12:55:58
13:09:46
0.000112
0.000059
0.000041
0.000103
0.000040
0.000118
0.000289
0.000214
SPF log:
4
1
1
5
1
2
1
1
Reason
Reconfig
Updated LSP fix.00-00
Updated LSP fix.00-00
Updated LSP fix.00-00
Updated LSP fix.00-00
New adjacency h on gr-0/2/0.0
New LSP skag.00-00
Updated LSP fix.00-00
Updated LSP h.00-00
Updated LSP skag.00-00
Periodic SPF
Interface
gr-0/2/0.0
10.9.7.0/30
gr-0/2/0.0
gr-0/2/0.0
10.9.6.0/30
10.9.7.0/30
10.9.201.1/32
Via
scat
Via
SNPA
h
h
h
10.9.1.0/30
10.9.5.0/30
10.9.6.0/30
SNPA
0:90:69:a6:48:9d
SNPA
0:90:69:a6:48:9d
0:90:69:a6:48:9d
503
fix.00
0
10
10
20
10
8009:1::a09:1400/126
8009:2::a09:1e00/126
8009:3::a09:3200/126
8009:4::a09:2800/126
3 nodes
IPV6 Unicast IS-IS level 2 SPF results:
Node
Metric
Interface
Via
skag.00
20
gr-0/2/0.0
h
gr-0/2/0.0
h
30
8009:3::a09:3200/126
skag.02
20
gr-0/2/0.0
h
gr-0/2/0.0
h
h.00
10
gr-0/2/0.0
h
gr-0/2/0.0
h
20
8009:3::a09:3200/126
20
8009:4::a09:2800/126
fix.00
0
10
8009:1::a09:1400/126
10
8009:2::a09:1e00/126
10
8009:4::a09:2800/126
4 nodes
Multicast IS-IS level 1 SPF results:
Node
Metric
Interface
scat.00
10
ge-1/1/0.0
fix.02
10
fix.00
0
3 nodes
Multicast IS-IS level 2 SPF results:
Node
Metric
Interface
skag.00
20
gr-0/2/0.0
skag.02
20
gr-0/2/0.0
h.00
10
gr-0/2/0.0
fix.00
0
4 nodes
...
SNPA
Via
scat
SNPA
0:90:69:a6:48:9d
Via
SNPA
h
h
h
504
Interface
fe-0/0/1.0
fe-0/0/1.0
Via
toothache
toothache
SNPA
0:12:0:34:0:56
0:12:0:34:0:56
SNPA
0:12:0:34:0:56
0:12:0:34:0:56
pro1-a.02
pro1-a.00
20
20
20
10
0
0
10
10.255.245.1/32
192.168.37.64/29
47.0005.80ff.f800.0000.0109.0010/104
10.255.245.1/32
192.168.37.64/29
3 nodes
505
Syntax
Description
Options
506
view
Field Description
PDU type
PDU type:
CSNPComplete sequence number PDUs contain a complete list of all link-state PDUs in the IS-IS
database. CSNPs are sent periodically on all links, and the receiving systems use the information
in the CSNP to update and synchronize their link-state PDU databases. The designated router
multicasts CSNPs on broadcast links in place of sending explicit acknowledgments for each
link-state PDU.
IIHIS-IS hello packets are broadcast to discover the identity of neighboring IS-IS systems and to
LSPLink-state PDUs contain information about the state of adjacencies to neighboring IS-IS
PSNPPartial sequence number PDUs are sent multicast by a receiver when it detects that it is
missing a link-state PDU (when its link-state PDU database is out of date). The receiver sends a
PSNP to the system that transmitted the CSNP, effectively requesting that the missing link-state
PDU be transmitted. That routing device, in turn, forwards the missing link-state PDU to the
requesting routing device.
Received
Number of PDUs received since IS-IS started or since the statistics were set to zero.
Processed
Drops
Sent
Number of PDUs transmitted since IS-IS started or since the statistics were set to zero.
Rexmit
Number of PDUs retransmitted since IS-IS started or since the statistics were set to zero.
Total packets
received/sent
Total number of PDUs received and transmitted since IS-IS started or since the statistics were set to
zero.
Number of CSPN and PSNP packets currently waiting in the queue for processing. This value is almost
always 0.
Number of link-state PDUs waiting in the queue for processing. This value is almost always 0.
SPF runs
Number of shortest-path-first (SPF) calculations that have been performed. If this number is
incrementing rapidly, it indicates that the network is unstable.
Fragments rebuilt
Number of link-state PDU fragments that the local system has computed.
LSP regenerations
Number of link-state PDUs that have been regenerated. A link-state PDU is regenerated when it is
nearing the end of its lifetime and it has not changed.
Purges initiated
Number of purges that the system initiated. A purge is initiated if the software decides that a link-state
PDU must be removed from the network.
507
Sample Output
show isis statistics
user@host> show isis statistics
IS-IS statistics for merino:
PDU type
LSP
IIH
CSNP
PSNP
Unknown
Totals
Received
12227
113808
198868
6985
0
331888
Processed
12227
113808
198868
6979
0
331882
Drops
0
0
0
6
0
6
Sent
8184
115817
198934
8274
0
331209
Rexmit
683
0
0
0
0
683
508
0 Drops:
0 Drops:
0
0
1014
1038
425
0
show policy
List of Syntax
Syntax
Description
Options
Required Privilege
Level
Related
Documentation
List of Sample Output
Output Fields
view
Field Description
policy-name
term
from
then
509
Sample Output
show policy
user@host> show policy
Configured policies:
__vrf-export-red-internal__
__vrf-import-red-internal__
red-export
all_routes
510
Release Information
Description
Options
view
Field Description
Level of Output
Condition
All levels
event
Condition type. If the if-route-exists option is configured, the event type is:
Existence of a route in a specific routing table.
All levels
Dependent routes
List of routes dependent on the condition, along with the latest generation
number.
detail
Condition tables
List of routing tables associated with the condition, along with the latest
generation number and number of dependencies.
All levels
511
Field Description
Level of Output
If-route-exists
conditions
All levels
Sample Output
show policy conditions detail
user@host> show policy conditions detail
Configured conditions:
Condition primary (static), event: Existence of a route in a specific routing
table
Dependent routes:
8.41.0.0/24, generation 18
Condition standby (static), event: Existence of a route in a specific routing
table
Dependent routes:
8.41.0.0/24, generation 18
Condition tables:
Table mpls.0, generation 0, dependencies 0, If-route-exists conditions: primary
(static) standby (static)
Table l3vpn.inet.0, generation 633, dependencies 2
512
show route
List of Syntax
Syntax
Release Information
Description
Options
routing tables.
destination-prefix(Optional) Display active entries for the specified address or range
of addresses.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
Required Privilege
Level
Related
Documentation
view
513
Output Fields
Table 29 on page 514 describes the output fields for the show route command. Output
fields are listed in the approximate order in which they appear.
Field Description
routing-table-name
number destinations
Number of destinations for which there are routes in the routing table.
number routes
Number of routes in the routing table and total number of routes in the following states:
holddown (routes that are in the pending state before being declared inactive). A holddown route
was once the active route and is no longer the active route. The route is in the holddown state
because a protocol still has interest in the route, meaning that the interest bit is set. A protocol
might have its interest bit set on the previously active route because the protocol is still advertising
the route. The route will be deleted after all protocols withdraw their advertisement of the route
and remove their interest bit. A persistent holddown state often means that the interested protocol
is not releasing its interest bit properly.
However, if you have configured advertisement of multiple routes (with the add-path or
advertise-inactive statement), the holddown bit is most likely set because BGP is advertising the
route as an active route. In this case, you can ignore the holddown state because nothing is wrong.
destination-prefix
Route destination (for example:10.0.0.1/24). Sometimes the route information is presented in another
format, such as:
10.1.1.195:NoCtrlWord:1:1:Local/96):
control-word-statusWhether the use of the control word has been negotiated for this virtual
circuit: NoCtrlWord or CtrlWord.
encapsulation typeType of encapsulation, represented by a number: (1) Frame Relay DLCI, (2)
ATM AAL5 VCC transport, (3) ATM transparent cell transport, (4) Ethernet, (5) VLAN Ethernet,
(6) HDLC, (7) PPP, (8) ATM VCC cell transport, (10) ATM VPC cell transport.
514
Field Description
[ protocol, preference ]
Protocol from which the route was learned and the preference value for the route.
+A plus sign indicates the active route, which is the route installed from the routing table into the
forwarding table.
*An asterisk indicates that the route is both the active and the last active route. An asterisk before
a to line indicates the best subpath to the route.
In every routing metric except for the BGP LocalPref attribute, a lesser value is preferred. In order to
use common comparison routines, Junos OS stores the 1's complement of the LocalPref value in the
Preference2 field. For example, if the LocalPref value for Route 1 is 100, the Preference2 value is -101.
If the LocalPref value for Route 2 is 155, the Preference2 value is -156. Route 2 is preferred because it
has a higher LocalPref value and a lower Preference2 value.
weeks:days
hours:minutes:seconds
How long the route been known (for example, 2w4d 13:11:14, or 2 weeks, 4 days, 13 hours, 11 minutes,
and 14 seconds).
metric
Cost value of the indicated route. For routes within an AS, the cost is determined by the IGP and the
individual protocol metrics. For external routes, destinations, or routing domains, the cost is determined
by a preference value.
localpref
from
AS path
AS path through which the route was learned. The letters at the end of the AS path indicate the path
origin, providing an indication of the state of the route at the point at which the AS path originated:
IIGP.
EEGP.
When AS path numbers are included in the route, the format is as follows:
[ ]Brackets enclose the local AS number associated with the AS path if more than one AS number
{ }Braces enclose AS sets, which are groups of AS numbers in which the order does not matter.
A set commonly results from route aggregation. The numbers in each AS set are displayed in
ascending order.
NOTE: In Junos OS Release 10.3 and later, the AS path field displays an unrecognized attribute and
associated hexadecimal value if BGP receives attribute 128 (attribute set) and you have not configured
an independent domain in any routing instance.
515
Field Description
validation-state
InvalidIndicates that the prefix is found, but either the corresponding AS received from the EBGP
peer is not the AS that appears in the database, or the prefix length in the BGP update message is
longer than the maximum length permitted in the database.
UnknownIndicates that the prefix is not among the prefixes or prefix ranges in the database.
UnverifiedIndicates that the origin of the prefix is not verified against the database. This is because
the database got populated and the validation is not called for in the BGP import policy, although
origin validation is enabled, or the origin validation is not enabled for the BGP peers.
to
ValidIndicates that the prefix and autonomous system pair are found in the database.
Next hop to the destination. An angle bracket (>) indicates that the route is the selected route.
If the destination is Discard, traffic is dropped.
via
Interface used to reach the next hop. If there is more than one interface available to the next hop, the
interface that is actually used is followed by the word Selected. This field can also contain the following
information:
WeightValue used to distinguish primary, secondary, and fast reroute backup routes. Weight
information is available when MPLS label-switched path (LSP) link protection, node-link protection,
or fast reroute is enabled, or when the standby state is enabled for secondary paths. A lower weight
value is preferred. Among routes with the same weight value, load balancing is possible.
BalanceBalance coefficient indicating how traffic of unequal cost is distributed among next hops
when a routing device is performing unequal-cost load balancing. This information is available
when you enable BGP multipath load balancing.
label-actionMPLS label and operation occurring at the next hop. The operation can be pop (where
a label is removed from the top of the stack), push (where another label is added to the label stack),
or swap (where a label is replaced by another label). For VPNs, expect to see multiple push
operations, corresponding to the inner and outer labels required for VPN routes (in the case of a
direct PE-to-PE connection, the VPN route would have the inner label push only).
Private unicast
(Enhanced subscriber management for MX Series routers) Indicates that an access-internal route is
managed by enhanced subscriber management. By contrast, access-internal routes not managed
by enhanced subscriber management are displayed with associated next-hop and media access
control (MAC) address information.
Sample Output
show route
user@host> show route
inet.0: 11 destinations, 12 routes (11 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1:65500:1:10.0.0.20/240
*[MVPN/70] 19:53:41, metric2 1
Indirect
1:65500:1:10.0.0.40/240
*[BGP/170] 19:53:29, localpref 100, from 10.0.0.30
AS path: I
> to 10.0.24.4 via lt-0/3/0.24, label-switched-path toD
516
show route
The following sample output shows a VPN route with composite next hops enabled. The
first Push operation corresponds to the outer label. The second Push operation
corresponds to the inner label.
user@host> show route 70.0.0.0
13979:665001.inet.0: 871 destinations, 3556 routes (871 active, 0 holddown, 0
hidden)
+ = Active Route, - = Last Active, * = Both
70.0.0.0/24
517
*[Access-internal/12] 00:00:08
> to #0 10.0.0.1.93.65 via demux0.1073741824
100.20.0.112/32
*[Access-internal/12] 00:00:08
Private unicast
.
.
.
518
Syntax
Description
Options
Output Fields
view
Sample Output
show route active-path
user@host> show route active-path
inet.0: 7 destinations, 7 routes (6 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
10.255.70.19/32
10.255.71.50/32
100.1.2.0/24
*[Direct/0] 21:33:52
> via lo0.0
*[IS-IS/15] 00:18:13, metric 10
> to 100.1.2.1 via so-2/1/3.0
*[Direct/0] 00:18:36
> via so-2/1/3.0
519
100.1.2.2/32
192.168.64.0/21
*[Local/0] 00:18:41
Local via so-2/1/3.0
*[Direct/0] 21:33:52
> via fxp0.0
*[Local/0] 21:33:52
Local via fxp0.0
192.168.70.19/32
520
521
522
AS path: I
Destination
10.255.70.19/32
10.255.71.50/32
100.1.2.0/24
100.1.2.2/32
192.168.64.0/21
192.168.70.19/32
P Prf
D
0
I 15
D
0
L
0
D
0
L
0
Metric 1
10
Metric 2
Next hop
>lo0.0
>100.1.2.1
>so-2/1/3.0
Local
>fxp0.0
Local
AS path
523
Release Information
Description
Options
transmitted.
protocolProtocol transmitting the route:
Additional Information
Required Privilege
Level
Related
Documentation
List of Sample Output
Output Fields
524
Routes displayed are routes that the routing table has exported into the routing protocol
and that have been filtered by the associated protocol's export routing policy statements.
view
Example: Configuring the MED Attribute That Determines the Exit Point in an AS
Field Description
Level of Output
routing-table-name
All levels
number
destinations
Number of destinations for which there are routes in the routing table.
All levels
number routes
Number of routes in the routing table and total number of routes in the following
states:
All levels
holddown (routes that are in the pending state before being declared inactive)
Prefix
Destination prefix.
brief none
destination-prefix
(entry , announced)
Destination prefix. The entry value is the number of routes for this destination,
and the announced value is the number of routes being announced for this
destination.
detail extensive
detail extensive
Route Distinguisher
detail extensive
Advertised Label
detail extensive
Label-Base, range
First label in a block of labels and label block size. A remote PE router uses this
first label when sending traffic toward the advertising PE router.
detail extensive
VPN Label
Virtual private network (VPN) label. Packets are sent between CE and PE routers
by advertising VPN labels. VPN labels transit over either an RSVP or an LDP
LSP tunnel.
detail extensive
Nexthop
Next hop to the destination. An angle bracket (>) indicates that the route is the
selected route.
All levels
If the next-hop advertisement to the peer is Self, and the RIB-out next hop is a
specific IP address, the RIB-out IP address is included in the extensive output.
See show route advertising-protocol bgp extensive all (Next Hop Self with RIB-out
IP Address) on page 527.
MED
brief
Lclpref or Localpref
All levels
525
Field Description
Level of Output
AS path
AS path through which the route was learned. The letters at the end of the AS
path indicate the path origin, providing an indication of the state of the route at
the point at which the AS path originated:
All levels
IIGP.
EEGP.
When AS path numbers are included in the route, the format is as follows:
order does not matter. A set commonly results from route aggregation. The
numbers in each AS set are displayed in ascending order.
NOTE: In Junos OS Release 10.3 and later, the AS path field displays an
unrecognized attribute and associated hexadecimal value if BGP receives
attribute 128 (attribute set) and you have not configured an independent domain
in any routing instance.
Communities
Community path attribute for the route. See the output field table for the show
route detail command for all possible values for this field.
detail extensive
AIGP
detail extensive
Attrset AS
Number, local preference, and path of the autonomous system (AS) that
originated the route. These values are stored in the Attrset attribute at the
originating router.
detail extensive
Layer2-info: encaps
detail extensive
control flags
detail extensive
mtu
detail extensive
Sample Output
show route advertising-protocol bgp (Layer 3 VPN)
user@host> show route advertising-protocol bgp 10.255.14.171
VPN-A.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
Prefix
Nexthop
MED
Lclpref AS path
10.255.14.172/32
Self
1
100 I
VPN-B.inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
Prefix
Nexthop
MED
Lclpref AS path
10.255.14.181/32
Self
2
100 I
526
show route advertising-protocol bgp extensive all (Next Hop Self with RIB-out IP Address)
user@host> show route advertising-protocol bgp 200.0.0.2 170.0.1.0/24 extensive all
inet.0: 13 destinations, 19 routes (13 active, 0 holddown, 6 hidden)
170.0.1.0/24 (2 entries, 1 announced)
527
528
Syntax
Description
Options
internal, tables.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
view
Sample Output
show route all
The following example displays a snippet of output from the show route command and
then displays the same snippet of output from the show route all command:
user@host> show route
mpls.0: 7 destinations, 7 routes (5 active, 0 holddown, 2 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
0
*[MPLS/0] 2d 02:24:39, metric 1
Receive
1
*[MPLS/0] 2d 02:24:39, metric 1
Receive
2
*[MPLS/0] 2d 02:24:39, metric 1
Receive
529
800017
800018
*[VPLS/7] 1d 14:00:16
> via vt-3/2/0.32769, Pop
*[VPLS/7] 1d 14:00:26
> via vt-3/2/0.32772, Pop
530
Syntax
Description
Options
Output Fields
view
Sample Output
show route best
user@host> show route best 10.255.70.103
inet.0: 24 destinations, 25 routes (23 active, 0 holddown, 1 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
10.255.70.103/32
*[OSPF/10] 1d 13:19:20, metric 2
> to 10.31.1.6 via ge-3/1/0.0
via so-0/3/0.0
531
532
P Prf
O 10
Metric 1
2
Metric 2
Next hop
>10.31.1.6
so-0/3/0.0
AS path
P Prf
R
7
Metric 1
2
Metric 2
Next hop
>so-0/3/0.0
AS path
P Prf
D
0
D
0
Metric 1
Metric 2
Next hop
>fxp2.0
>fxp1.0
AS path
533
Syntax
Release Information
Description
Display brief information about the active entries in the routing tables.
Options
of addresses.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
view
Sample Output
show route brief
user@host> show route brief
inet.0: 10 destinations, 10 routes (9 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
0.0.0.0/0
10.255.245.51/32
172.16.0.0/12
192.168.0.0/18
192.168.40.0/22
534
535
Syntax
Release Information
Description
Display detailed information about the active entries in the routing tables.
Options
of addresses.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
view
Output Fields
Table 31 on page 536 describes the output fields for the show route detail command.
Output fields are listed in the approximate order in which they appear.
Field Description
routing-table-name
number destinations
Number of destinations for which there are routes in the routing table.
number routes
Number of routes in the routing table and total number of routes in the following states:
536
holddown (routes that are in the pending state before being declared inactive)
Field Description
route-destination
(entry, announced)
Route destination (for example:10.0.0.1/24). The entry value is the number of routes for this destination,
and the announced value is the number of routes being announced for this destination. Sometimes
the route destination is presented in another format, such as:
10.1.1.195:NoCtrlWord:1:1:Local/96).
control-word-statusWhether the use of the control word has been negotiated for this virtual
circuit: NoCtrlWord or CtrlWord.
encapsulation typeType of encapsulation, represented by a number: (1) Frame Relay DLCI, (2)
ATM AAL5 VCC transport, (3) ATM transparent cell transport, (4) Ethernet, (5) VLAN Ethernet,
(6) HDLC, (7) PPP, (8) ATM VCC cell transport, (10) ATM VPC cell transport.
label stacking
(Next-to-the-last-hop routing device for MPLS only) Depth of the MPLS label stack, where the
label-popping operation is needed to remove one or more labels from the top of the stack. A pair of
routes is displayed, because the pop operation is performed only when the stack depth is two or more
labels.
S=0 route indicates that a packet with an incoming label stack depth of 2 or more exits this routing
[protocol, preference]
If there is no S= information, the route is a normal MPLS route, which has a stack depth of 1 (the
label-popping operation is not performed).
Protocol from which the route was learned and the preference value for the route.
+A plus sign indicates the active route, which is the route installed from the routing table into the
forwarding table.
*An asterisk indicates that the route is both the active and the last active route. An asterisk before
a to line indicates the best subpath to the route.
In every routing metric except for the BGP LocalPref attribute, a lesser value is preferred. In order to
use common comparison routines, Junos OS stores the 1's complement of the LocalPref value in the
Preference2 field. For example, if the LocalPref value for Route 1 is 100, the Preference2 value is -101.
If the LocalPref value for Route 2 is 155, the Preference2 value is -156. Route 2 is preferred because it
has a higher LocalPref value and a lower Preference2 value.
Level
(IS-IS only). In IS-IS, a single AS can be divided into smaller groups called areas. Routing between
areas is organized hierarchically, allowing a domain to be administratively divided into smaller areas.
This organization is accomplished by configuring Level 1 and Level 2 intermediate systems. Level 1
systems route within an area. When the destination is outside an area, they route toward a Level 2
system. Level 2 intermediate systems route between areas and toward other ASs.
Route Distinguisher
PMSI
Next-hop type
Type of next hop. For a description of possible values for this field, see Table 32 on page 541.
537
Field Description
Next-hop reference
count
Indicates that the number of flood next-hop branches exceeded the system limit of 32 branches, and
only a subset of the flood next-hop branches were installed in the kernel.
message
Source
Next hop
via
Interface used to reach the next hop. If there is more than one interface available to the next hop, the
name of the interface that is actually used is followed by the word Selected. This field can also contain
the following information:
WeightValue used to distinguish primary, secondary, and fast reroute backup routes. Weight
information is available when MPLS label-switched path (LSP) link protection, node-link protection,
or fast reroute is enabled, or when the standby state is enabled for secondary paths. A lower weight
value is preferred. Among routes with the same weight value, load balancing is possible.
BalanceBalance coefficient indicating how traffic of unequal cost is distributed among next hops
when a routing device is performing unequal-cost load balancing. This information is available
when you enable BGP multipath load balancing.
Label-switched-path
lsp-path-name
Label operation
MPLS label and operation occurring at this routing device. The operation can be pop (where a label
is removed from the top of the stack), push (where another label is added to the label stack), or swap
(where a label is replaced by another label).
Interface
Network layer address of the remote routing device that advertised the prefix. This address is used
to derive a forwarding next hop.
Index designation used to specify the mapping between protocol next hops, tags, kernel export policy,
and the forwarding next hops.
State
State of the route (a route can be in more than one state). See Table 33 on page 543.
Local AS
Age
AIGP
Metricn
Cost value of the indicated route. For routes within an AS, the cost is determined by IGP and the
individual protocol metrics. For external routes, destinations, or routing domains, the cost is determined
by a preference value.
538
Field Description
MED-plus-IGP
Metric value for BGP path selection to which the IGP cost to the next-hop destination has been added.
TTL-Action
For MPLS LSPs, state of the TTL propagation attribute. Can be enabled or disabled for all
RSVP-signaled and LDP-signaled LSPs or for specific VRF routing instances.
For sample output, see show route table.
Task
Announcement bits
The number of BGP peers or protocols to which Junos OS has announced this route, followed by the
list of the recipients of the announcement. Junos OS can also announce the route to the KRT for
installing the route into the Packet Forwarding Engine, to a resolve tree, a L2 VC, or even a VPN. For
example, n-Resolve inet indicates that the specified route is used for route resolution for next hops
found in the routing table.
AS path
AS path through which the route was learned. The letters at the end of the AS path indicate the path
origin, providing an indication of the state of the route at the point at which the AS path originated:
IIGP.
EEGP.
When AS path numbers are included in the route, the format is as follows:
[ ]Brackets enclose the number that precedes the AS path. This number represents the number
of ASs present in the AS path, when calculated as defined in RFC 4271. This value is used in the
AS-path merge process, as defined in RFC 4893.
[ ]If more than one AS number is configured on the routing device, or if AS path prepending is
configured, brackets enclose the local AS number associated with the AS path.
{ }Braces enclose AS sets, which are groups of AS numbers in which the order does not matter.
A set commonly results from route aggregation. The numbers in each AS set are displayed in
ascending order.
NOTE: In Junos OS Release 10.3 and later, the AS path field displays an unrecognized attribute and
associated hexadecimal value if BGP receives attribute 128 (attribute set) and you have not configured
an independent domain in any routing instance.
validation-state
InvalidIndicates that the prefix is found, but either the corresponding AS received from the EBGP
peer is not the AS that appears in the database, or the prefix length in the BGP update message is
longer than the maximum length permitted in the database.
UnknownIndicates that the prefix is not among the prefixes or prefix ranges in the database.
UnverifiedIndicates that the origin of the prefix is not verified against the database. This is because
the database got populated and the validation is not called for in the BGP import policy, although
origin validation is enabled, or the origin validation is not enabled for the BGP peers.
ValidIndicates that the prefix and autonomous system pair are found in the database.
539
Field Description
Point-to-multipoint root address, multicast source address, and multicast group address when
multipoint LDP (M-LDP) inband signaling is configured.
Primary Upstream
When multipoint LDP with multicast-only fast reroute (MoFRR) is configured, the primary upstream
path. MoFRR transmits a multicast join message from a receiver toward a source on a primary path,
while also transmitting a secondary multicast join message from the receiver toward the source on
a backup path.
RPF Nexthops
When multipoint LDP with MoFRR is configured, the reverse-path forwarding (RPF) next-hop
information. Data packets are received from both the primary path and the secondary paths. The
redundant packets are discarded at topology merge points due to the RPF checks.
Label
Multiple MPLS labels are used to control MoFRR stream selection. Each label represents a separate
route, but each references the same interface list check. Only the primary label is forwarded while all
others are dropped. Multiple interfaces can receive packets using the same label.
weight
Value used to distinguish MoFRR primary and backup routes. A lower weight value is preferred. Among
routes with the same weight value, load balancing is possible.
VC Label
MTU
VLAN ID
Forwarding equivalent class (FEC) bound to this route. Applicable only to routes installed by LDP.
Communities
Community path attribute for the route. See Table 34 on page 545 for all possible values for this field.
Layer2-info: encaps
control flags
mtu
Label-Base, range
First label in a block of labels and label block size. A remote PE routing device uses this first label
when sending traffic toward the advertising PE routing device.
status vector
Accepted Multipath
Accepted
LongLivedStale
The LongLivedStale flag indicates that the route was marked LLGR-stale by this router, as part of the
operation of LLGR receiver mode. Either this flag or the LongLivedStaleImport flag may be displayed
for a route. Neither of these flags are displayed at the same time as the Stale (ordinary GR stale) flag.
540
Field Description
Accepted
LongLivedStaleImport
The LongLivedStaleImport flag indicates that the route was marked LLGR-stale when it was received
from a peer, or by import policy. Either this flag or the LongLivedStale flag may be displayed for a
route. Neither of these flags are displayed at the same time as the Stale (ordinary GR stale) flag.
Accept all received BGP long-lived graceful restart (LLGR) and LLGR stale routes learned from
configured neighbors and import into the inet.0 routing table
ImportAccepted
LongLivedStaleImport
Accept all received BGP long-lived graceful restart (LLGR) and LLGR stale routes learned from
configured neighbors and imported into the inet.0 routing table
The LongLivedStaleImport flag indicates that the route was marked LLGR-stale when it was received
from a peer, or by import policy.
Accepted
MultipathContrib
Localpref
Router ID
In a routing table group, the name of the primary routing table in which the route resides.
Secondary Tables
In a routing table group, the name of one or more secondary tables in which the route resides.
Table 32 on page 541 describes all possible values for the Next-hop Types output field.
Description
Broadcast (bcast)
Deny
Discard
Flood
Hold
Indexed (idxd)
541
Description
Indirect (indr)
Interface
Local (locl)
Multicast (mcst)
Multicast discard.
Receive (recv)
Receive.
Reject (rjct)
Resolve (rslv)
Router
Table
Unicast (ucst)
Unicast.
Unilist (ulst)
Table 33 on page 543 describes all possible values for the State output field. A route can
be in more than one state (for example, <Active NoReadvrt Int Ext>).
542
Description
Accounting
Active
Route is active.
AS path
Clone
Route is a clone.
Delete
Ex
Exterior route.
Ext
FlashAll
Hidden
IfCheck
IGP metric
Inactive reason
Flags for this route, which was not selected as best for a
particular destination.
Initial
Int
Interior route.
Int Ext
Local Preference
Martian
543
Description
MartianOK
No difference
NoReadvrt
NotBest
Route not chosen because it does not have the lowest MED.
NotInstall
Number of gateways
Origin
Pending
Release
RIB preference
Route Distinguisher
Route Preference
Router ID
Secondary
Unusable path
Update source
Table 34 on page 545 describes the possible values for the Communities output field.
544
Description
area-number
4 bytes, encoding a 32-bit area number. For AS-external routes, the value is 0. A nonzero value
identifies the route as internal to the OSPF domain, and as within the identified area. Area
numbers are relative to a particular OSPF domain.
bandwidth: local AS
number:link-bandwidth-number
Link-bandwidth community value used for unequal-cost load balancing. When BGP has
several candidate paths available for multipath purposes, it does not perform unequal-cost
load balancing according to the link-bandwidth community unless all candidate paths have
this attribute.
domain-id
domain-id-vendor
link-bandwidth-number
local AS number
options
1 byte. Currently this is only used if the route type is 5 or 7. Setting the least significant bit in
the field indicates that the route carries a type 2 metric.
origin
ospf-route-type
1 byte, encoded as 1 or 2 for intra-area routes (depending on whether the route came from a
type 1 or a type 2 LSA); 3 for summary routes; 5 for external routes (area number must be0);
7 for NSSA routes; or 129 for sham link endpoint addresses.
route-type-vendor
Displays the area number, OSPF route type, and option of the route. This is configured using
the BGP extended community attribute 0x8000. The format is
area-number:ospf-route-type:options.
rte-type
Displays the area number, OSPF route type, and option of the route. This is configured using
the BGP extended community attribute 0x0306. The format is
area-number:ospf-route-type:options.
target
Defines which VPN the route participates in; target has the format 32-bit IP address:16-bit
number. For example, 10.19.0.0:100.
unknown IANA
Incoming IANA codes with a value between 0x1 and 0x7fff. This code of the BGP extended
community attribute is accepted, but it is not recognized.
Incoming IANA codes with a value above 0x8000. This code of the BGP extended community
attribute is accepted, but it is not recognized.
Sample Output
show route detail
user@host> show route detail
inet.0: 22 destinations, 23 routes (21 active, 0 holddown, 1 hidden)
545
546
547
548
*VPLS
Preference: 7
Next-hop reference count: 2
Next hop: 10.31.1.6 via ge-3/1/0.0 weight 0x1, selected
Label-switched-path green-r1-r3
Label operation: Push 800012, Push 100096(top)
Protocol next hop: 10.255.70.103
Push 800012
Indirect next hop: 87272e4 1048574
State: <Active Int>
Age: 1:29:30
Metric2: 2
Task: Common L2 VC
Announcement bits (2): 0-KRT 1-Common L2 VC
AS path: I
Communities: target:11111:1 Layer2-info: encaps:VPLS,
control flags:, mtu: 0
549
*MLD
Preference: 0
Next-hop reference count: 18
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:31:43
Task: MLD
Announcement bits (1): 0-KRT
AS path: I
550
551
AS path: 2 I
Accepted MultipathContrib
Localpref: 100
Router ID: 1.1.1.3
show route label detail (Multipoint LDP Inband Signaling for Point-to-Multipoint LSPs)
user@host> show route label 299872 detail
mpls.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
299872 (1 entry, 1 announced)
*LDP
Preference: 9
Next hop type: Flood
Next-hop reference count: 3
Address: 0x9097d90
Next hop: via vt-0/1/0.1
Next-hop index: 661
Label operation: Pop
Address: 0x9172130
Next hop: via so-0/0/3.0
Next-hop index: 654
Label operation: Swap 299872
State: **Active Int>
Local AS: 1001
Age: 8:20
Metric: 1
Task: LDP
Announcement bits (1): 0-KRT
AS path: I
FECs bound to route: P2MP root-addr 10.255.72.166, grp 232.1.1.1,
src 192.168.142.2
show route label detail (Multipoint LDP with Multicast-Only Fast Reroute)
user@host> show route label 301568 detail
mpls.0: 18 destinations, 18 routes (18 active, 0 holddown, 0 hidden)
301568 (1 entry, 1 announced)
*LDP
Preference: 9
Next hop type: Flood
Address: 0x2735208
Next-hop reference count: 3
Next hop type: Router, Next hop index: 1397
Address: 0x2735d2c
Next-hop reference count: 3
Next hop: 1.3.8.2 via ge-1/2/22.0
Label operation: Pop
Load balance label: None;
Next hop type: Router, Next hop index: 1395
Address: 0x2736290
Next-hop reference count: 3
Next hop: 1.3.4.2 via ge-1/2/18.0
Label operation: Pop
Load balance label: None;
State: <Active Int AckRequest MulticastRPF>
Local AS:
10
Age: 54:05
Metric: 1
Validation State: unverified
Task: LDP
Announcement bits (1): 0-KRT
AS path: I
FECs bound to route: P2MP root-addr 1.1.1.1, grp: 232.1.1.1, src:
192.168.219.11
552
553
Syntax
Description
Options
Output Fields
view
Sample Output
show route exact
user@host> show route exact 207.17.136.0/24
inet.0: 24 destinations, 25 routes (23 active, 0 holddown, 1 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
207.17.136.0/24
*[Static/5] 2d 03:30:22
> to 192.168.71.254 via fxp0.0
554
Restart Complete
207.17.136.0/24 (1 entry, 1 announced)
*Static Preference: 5
Next-hop reference count: 29
Next hop: 192.168.71.254 via fxp0.0, selected
State: <Active NoReadvrt Int Ext>
Local AS:
69
Age: 2d 3:30:26
Task: RT
Announcement bits (2): 0-KRT 3-Resolve tree 2
AS path: I
555
Syntax
Release Information
Description
Options
routing tables whose name begins with this string (for example, inet.0 and inet6.0
are both displayed when you run the show route export inet command).
Required Privilege
Level
List of Sample Output
Output Fields
view
Field Description
Level of Output
Table or table-name
All levels
Routes
Number of routes exported from this table into other tables. If a particular route
is exported to different tables, the counter will only increment by one.
brief none
556
Field Description
Level of Output
Export
Whether the table is currently exporting routes to other tables: Y or N (Yes or No).
brief none
Import
Tables currently importing routes from the originator table. (Not displayed for
tables that are not exporting any routes.)
detail
Flags
detail
config auto-policyThe policy was deduced from the configured IGP export
policies.
Options
(instance keyword only) Configured option displays the type of routing tables the
feature handles:
unicastIndicates instance.inet.0.
multicastIndicates instance.inet.2.
detail
Import policy
(instance keyword only) Policy that route export uses to construct the import-export
matrix. Not displayed if the instance type is vrf.
detail
Instance
detail
Type
detail
Sample Output
show route export
user@host> show route export
Table
inet.0
black.inet.0
red.inet.0
Export
N
Y
Y
Routes
0
3
4
Routes:
Routes:
0
3
Routes:
557
Instance: black
Instance: red
558
Type: non-forwarding
Type: non-forwarding
Syntax
Description
Options
of addresses.
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
view
Output Fields
Table 36 on page 559 describes the output fields for the show route extensive command.
Output fields are listed in the approximate order in which they appear.
Field Description
routing-table-name
number destinations
Number of destinations for which there are routes in the routing table.
559
Field Description
number routes
Number of routes in the routing table and total number of routes in the following states:
route-destination
(entry, announced)
holddown (routes that are in the pending state before being declared inactive).
Route destination (for example: 10.0.0.1/24). The entry value is the number of route for this destination,
and the announced value is the number of routes being announced for this destination. Sometimes
the route destination is presented in another format, such as:
10.1.1.195:NoCtrlWord:1:1:Local/96).
control-word-statusWhether the use of the control word has been negotiated for this virtual
circuit: NoCtrlWord or CtrlWord.
encapsulation typeType of encapsulation, represented by a number: (1) Frame Relay DLCI, (2)
ATM AAL5 VCC transport, (3) ATM transparent cell transport, (4) Ethernet, (5) VLAN Ethernet,
(6) HDLC, (7) PPP, (8) ATM VCC cell transport, (10) ATM VPC cell transport.
TSI
label stacking
(Next-to-the-last-hop routing device for MPLS only) Depth of the MPLS label stack, where the
label-popping operation is needed to remove one or more labels from the top of the stack. A pair of
routes is displayed, because the pop operation is performed only when the stack depth is two or more
labels.
S=0 route indicates that a packet with an incoming label stack depth of two or more exits this router
[protocol, preference]
If there is no S= information, the route is a normal MPLS route, which has a stack depth of 1 (the
label-popping operation is not performed).
Protocol from which the route was learned and the preference value for the route.
+A plus sign indicates the active route, which is the route installed from the routing table into the
forwarding table.
*An asterisk indicates that the route is both the active and the last active route. An asterisk before
a to line indicates the best subpath to the route.
In every routing metric except for the BGP LocalPref attribute, a lesser value is preferred. In order to
use common comparison routines, Junos OS stores the 1's complement of the LocalPref value in the
Preference2 field. For example, if the LocalPref value for Route 1 is 100, the Preference2 value is -101.
If the LocalPref value for Route 2 is 155, the Preference2 value is -156. Route 2 is preferred because it
has a higher LocalPref value and a lower Preference2 value.
560
Field Description
Level
(IS-IS only). In IS-IS, a single autonomous system (AS) can be divided into smaller groups called
areas. Routing between areas is organized hierarchically, allowing a domain to be administratively
divided into smaller areas. This organization is accomplished by configuring Level 1 and Level 2
intermediate systems. Level 1 systems route within an area. When the destination is outside an area,
they route toward a Level 2 system. Level 2 intermediate systems route between areas and toward
other ASs.
Route Distinguisher
PMSI
Next-hop type
Type of next hop. For a description of possible values for this field, see the Output Field table in the
show route detail command.
Next-hop reference
count
Indicates that the number of flood next-hop branches exceeded the system limit of 32 branches, and
only a subset of the flood next-hop branches were installed in the kernel.
message
Source
Next hop
via
Interface used to reach the next hop. If there is more than one interface available to the next hop, the
name of the interface that is actually used is followed by the word Selected. This field can also contain
the following information:
WeightValue used to distinguish primary, secondary, and fast reroute backup routes. Weight
information is available when MPLS label-switched path (LSP) link protection, node-link protection,
or fast reroute is enabled, or when the standby state is enabled for secondary paths. A lower weight
value is preferred. Among routes with the same weight value, load balancing is possible.
BalanceBalance coefficient indicating how traffic of unequal cost is distributed among next hops
when a routing device is performing unequal-cost load balancing. This information is available
when you enable BGP multipath load balancing.
Label-switched-path
lsp-path-name
Label operation
MPLS label and operation occurring at this routing device. The operation can be pop (where a label
is removed from the top of the stack), push (where another label is added to the label stack), or swap
(where a label is replaced by another label).
Offset
Interface
Network layer address of the remote routing device that advertised the prefix. This address is used
to recursively derive a forwarding next hop.
561
Field Description
label-operation
MPLS label and operation occurring at this routing device. The operation can be pop (where a label
is removed from the top of the stack), push (where another label is added to the label stack), or swap
(where a label is replaced by another label).
When present, a list of nodes that are used to resolve the path to the next-hop destination, in the
order that they are resolved.
When BGP PIC Edge is enabled, the output lines that contain Indirect next hop: weight follow next
hops that the software can use to repair paths where a link failure occurs. The next-hop weight has
one of the following values:
State
State of the route (a route can be in more than one state). See the Output Field table in the show
route detail command.
Session ID
The BFD session ID number that represents the protection using MPLS fast reroute (FRR) and loop-free
alternate (LFA).
Weight
Weight for the backup path. If the weight of an indirect next hop is larger than zero, the weight value
is shown.
For sample output, see show route table.
562
Field Description
Inactive reason
If the route is inactive, the reason for its current state is indicated. Typical reasons include:
Always compare MEDPath with a lower multiple exit discriminator (MED) is available.
Cisco Non-deterministic MED selectionCisco nondeterministic MED is enabled and a path with a
IGP metricPath through the next hop with a lower IGP metric is available.
IGP metric typePath with a lower OSPF link-state advertisement type is available.
Interior > Exterior > Exterior via InteriorDirect, static, IGP, or EBGP path is available.
Not Best in its groupOccurs when multiple peers of the same external AS advertise the same
prefix and are grouped together in the selection process. When this reason is displayed, an additional
reason is provided (typically one of the other reasons listed).
Unusable pathPath is not usable because of one of the following conditions: the route is damped,
Local AS
Age
AIGP
Metric
Cost value of the indicated route. For routes within an AS, the cost is determined by IGP and the
individual protocol metrics. For external routes, destinations, or routing domains, the cost is determined
by a preference value.
MED-plus-IGP
Metric value for BGP path selection to which the IGP cost to the next-hop destination has been added.
TTL-Action
For MPLS LSPs, state of the TTL propagation attribute. Can be enabled or disabled for all
RSVP-signaled and LDP-signaled LSPs or for specific VRF routing instances.
For sample output, see show route table.
563
Field Description
Task
Announcement bits
List of protocols that announce this route. n-Resolve inet indicates that the route is used for route
resolution for next hops found in the routing table. n is an index used by Juniper Networks customer
support only.
AS path
AS path through which the route was learned. The letters at the end of the AS path indicate the path
origin, providing an indication of the state of the route at the point at which the AS path originated:
IIGP.
EEGP.
When AS path numbers are included in the route, the format is as follows:
[ ]Brackets enclose the local AS number associated with the AS path if more than one AS number
{ }Braces enclose AS sets, which are groups of AS numbers in which the order does not matter.
A set commonly results from route aggregation. The numbers in each AS set are displayed in
ascending order.
NOTE: In Junos OS Release 10.3 and later, the AS path field displays an unrecognized attribute and
associated hexadecimal value if BGP receives attribute 128 (attribute set) and you have not configured
an independent domain in any routing instance.
validation-state
InvalidIndicates that the prefix is found, but either the corresponding AS received from the EBGP
peer is not the AS that appears in the database, or the prefix length in the BGP update message is
longer than the maximum length permitted in the database.
UnknownIndicates that the prefix is not among the prefixes or prefix ranges in the database.
UnverifiedIndicates that origin validation is not enabled for the BGP peers.
ValidIndicates that the prefix and autonomous system pair are found in the database.
Point-to-multipoint root address, multicast source address, and multicast group address when
multipoint LDP (M-LDP) inband signaling is configured.
AS path: I <Originator>
(For route reflected output only) Originator ID attribute set by the route reflector.
564
Field Description
route status
Primary Upstream
When multipoint LDP with multicast-only fast reroute (MoFRR) is configured, the primary upstream
path. MoFRR transmits a multicast join message from a receiver toward a source on a primary path,
while also transmitting a secondary multicast join message from the receiver toward the source on
a backup path.
RPF Nexthops
When multipoint LDP with MoFRR is configured, the reverse-path forwarding (RPF) next-hop
information. Data packets are received from both the primary path and the secondary paths. The
redundant packets are discarded at topology merge points due to the RPF checks.
Label
Multiple MPLS labels are used to control MoFRR stream selection. Each label represents a separate
route, but each references the same interface list check. Only the primary label is forwarded while all
others are dropped. Multiple interfaces can receive packets using the same label.
weight
Value used to distinguish MoFRR primary and backup routes. A lower weight value is preferred. Among
routes with the same weight value, load balancing is possible.
VC Label
MTU
VLAN ID
Cluster list
(For route reflected output only) Cluster ID sent by the route reflector.
Originator ID
(For route reflected output only) Address of router that originally sent the route to the route reflector.
Forwarding equivalent class (FEC) bound to this route. Applicable only to routes installed by LDP.
Communities
Community path attribute for the route. See the Output Field table in the show route detail command
for all possible values for this field.
Layer2-info: encaps
control flags
mtu
Label-Base, range
First label in a block of labels and label block size. A remote PE routing device uses this first label
when sending traffic toward the advertising PE routing device.
565
Field Description
status vector
Localpref
Router ID
In a routing table group, the name of the primary routing table in which the route resides.
Secondary Tables
In a routing table group, the name of one or more secondary tables in which the route resides.
Originating RIB
Name of the routing table whose active route was used to determine the forwarding next-hop entry
in the resolution database. For example, in the case of inet.0 resolving through inet.0 and inet.3, this
field indicates which routing table, inet.0 or inet.3, provided the best path for a particular prefix.
Forwarding nexthops
Number of forwarding next hops. The forwarding next hop is the network layer address of the directly
reachable neighboring system (if applicable) and the interface used to reach it.
Sample Output
show route extensive
user@host> show route extensive
inet.0: 22 destinations, 23 routes (21 active, 0 holddown, 1 hidden)
10.10.0.0/16 (1 entry, 1 announced)
TSI:
KRT in-kernel 10.10.0.0/16 -> {192.168.71.254}
*Static Preference: 5
Next-hop reference count: 29
Next hop: 192.168.71.254 via fxp0.0, selected
State: <Active NoReadvrt Int Ext>
Local AS:
69
Age: 1:34:06
Task: RT
Announcement bits (2): 0-KRT 3-Resolve tree 2
AS path: I
10.31.1.0/30 (2 entries, 1 announced)
*Direct Preference: 0
Next hop type: Interface
Next-hop reference count: 2
Next hop: via so-0/3/0.0, selected
State: <Active Int>
Local AS:
69
Age: 1:32:40
Task: IF
Announcement bits (1): 3-Resolve tree 2
AS path: I
OSPF
Preference: 10
Next-hop reference count: 1
Next hop: via so-0/3/0.0, selected
566
State: <Int>
Inactive reason: Route Preference
Local AS:
69
Age: 1:32:40
Metric: 1
Area: 0.0.0.0
Task: OSPF
AS path: I
10.31.1.1/32 (1 entry, 1 announced)
*Local Preference: 0
Next hop type: Local
Next-hop reference count: 7
Interface: so-0/3/0.0
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:32:43
Task: IF
Announcement bits (1): 3-Resolve tree 2
AS path: I
...
10.31.2.0/30 (1 entry, 1 announced)
TSI:
KRT in-kernel 10.31.2.0/30 -> {10.31.1.6}
*OSPF
Preference: 10
Next-hop reference count: 9
Next hop: via so-0/3/0.0
Next hop: 10.31.1.6 via ge-3/1/0.0, selected
State: <Active Int>
Local AS:
69
Age: 1:32:19
Metric: 2
Area: 0.0.0.0
Task: OSPF
Announcement bits (2): 0-KRT 3-Resolve tree 2
AS path: I
...
224.0.0.2/32 (1 entry, 1 announced)
TSI:
KRT in-kernel 224.0.0.2/32 -> {}
*PIM
Preference: 0
Next-hop reference count: 18
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:34:08
Task: PIM Recv
Announcement bits (2): 0-KRT 3-Resolve tree 2
AS path: I
...
224.0.0.22/32 (1 entry, 1 announced)
TSI:
KRT in-kernel 224.0.0.22/32 -> {}
*IGMP
Preference: 0
Next-hop reference count: 18
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:34:06
567
Task: IGMP
Announcement bits (2): 0-KRT 3-Resolve tree 2
AS path: I
inet.3: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
10.255.70.103/32 (1 entry, 1 announced)
State: <FlashAll>
*RSVP
Preference: 7
Next-hop reference count: 6
Next hop: 10.31.1.6 via ge-3/1/0.0 weight 0x1, selected
Label-switched-path green-r1-r3
Label operation: Push 100096
State: <Active Int>
Local AS:
69
Age: 1:28:12
Metric: 2
Task: RSVP
Announcement bits (2): 1-Resolve tree 1 2-Resolve tree 2
AS path: I
10.255.71.238/32 (1 entry, 1 announced)
State: <FlashAll>
*RSVP
Preference: 7
Next-hop reference count: 6
Next hop: via so-0/3/0.0 weight 0x1, selected
Label-switched-path green-r1-r2
State: <Active Int>
Local AS:
69
Age: 1:28:12
Metric: 1
Task: RSVP
Announcement bits (2): 1-Resolve tree 1 2-Resolve tree 2
AS path: I
private1__.inet.0: 2 destinations, 3 routes (2 active, 0 holddown, 0 hidden)
...
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
47.0005.80ff.f800.0000.0108.0001.0102.5507.1052/152 (1 entry, 0 announced)
*Direct Preference: 0
Next hop type: Interface
Next-hop reference count: 1
Next hop: via lo0.0, selected
State: <Active Int>
Local AS:
69
Age: 1:34:07
Task: IF
AS path: I
mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
0
(1 entry, 1 announced)
TSI:
KRT in-kernel 0
/36 -> {}
*MPLS
Preference: 0
Next hop type: Receive
Next-hop reference count: 6
State: <Active Int>
Local AS:
69
Age: 1:34:08
Metric: 1
568
Task: MPLS
Announcement bits (1): 0-KRT
AS path: I
...
mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
299840 (1 entry, 1 announced)
TSI:
KRT in-kernel 299840 /52 -> {indirect(1048575)}
*RSVP
Preference: 7/2
Next hop type: Flood
Address: 0x9174a30
Next-hop reference count: 4
Next hop type: Router, Next hop index: 798
Address: 0x9174c28
Next-hop reference count: 2
Next hop: 8.0.0.2 via lt-1/2/0.9 weight 0x1
Label-switched-path R2-to-R4-2p2mp
Label operation: Pop
Next hop type: Router, Next hop index: 1048574
Address: 0x92544f0
Next-hop reference count: 2
Next hop: 7.0.0.2 via lt-1/2/0.7 weight 0x1
Label-switched-path R2-to-R200-p2mp
Label operation: Pop
Next hop: 6.0.0.2 via lt-1/2/0.5 weight 0x8001
Label operation: Pop
State: <Active Int>
Age: 1:29
Metric: 1
Task: RSVP
Announcement bits (1): 0-KRT
AS path: I...
800010 (1 entry, 1 announced)
TSI:
KRT in-kernel 800010 /36 -> {vt-3/2/0.32769}
*VPLS
Preference: 7
Next-hop reference count: 2
Next hop: via vt-3/2/0.32769, selected
Label operation: Pop
State: <Active Int>
Age: 1:31:53
Task: Common L2 VC
Announcement bits (1): 0-KRT
AS path: I
vt-3/2/0.32769 (1 entry, 1 announced)
TSI:
KRT in-kernel vt-3/2/0.32769.0
/16 -> {indirect(1048574)}
*VPLS
Preference: 7
Next-hop reference count: 2
Next hop: 10.31.1.6 via ge-3/1/0.0 weight 0x1, selected
Label-switched-path green-r1-r3
Label operation: Push 800012, Push 100096(top)
Protocol next hop: 10.255.70.103
Push 800012
Indirect next hop: 87272e4 1048574
State: <Active Int>
Age: 1:31:53
Metric2: 2
569
Task: Common L2 VC
Announcement bits (2): 0-KRT 1-Common L2 VC
AS path: I
Communities: target:11111:1 Layer2-info: encaps:VPLS,
control flags:, mtu: 0
Indirect next hops: 1
Protocol next hop: 10.255.70.103 Metric: 2
Push 800012
Indirect next hop: 87272e4 1048574
Indirect path forwarding next hops: 1
Next hop: 10.31.1.6 via ge-3/1/0.0 weight 0x1
10.255.70.103/32 Originating RIB: inet.3
Metric: 2
Node path count: 1
Forwarding nexthops: 1
Nexthop: 10.31.1.6 via ge-3/1/0.0
inet6.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
abcd::10:255:71:52/128 (1 entry, 0 announced)
*Direct Preference: 0
Next hop type: Interface
Next-hop reference count: 1
Next hop: via lo0.0, selected
State: <Active Int>
Local AS:
69
Age: 1:34:07
Task: IF
AS path: I
fe80::280:42ff:fe10:f179/128 (1 entry, 0 announced)
*Direct Preference: 0
Next hop type: Interface
Next-hop reference count: 1
Next hop: via lo0.0, selected
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:34:07
Task: IF
AS path: I
ff02::2/128 (1 entry, 1 announced)
TSI:
KRT in-kernel ff02::2/128 -> {}
*PIM
Preference: 0
Next-hop reference count: 18
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:34:08
Task: PIM Recv6
Announcement bits (1): 0-KRT
AS path: I
ff02::d/128 (1 entry, 1 announced)
TSI:
KRT in-kernel ff02::d/128 -> {}
*PIM
Preference: 0
Next-hop reference count: 18
State: <Active NoReadvrt Int>
Local AS:
69
Age: 1:34:08
Task: PIM Recv6
570
571
572
Localpref: 100
Router ID: 10.9.9.1
573
TSI:
KRT in-kernel 20.31.2.0/24 -> {Push 299776, Push 299792}
*RSVP
Preference: 7/1
Next hop type: Router, Next hop index: 1048574
Address: 0xbbbc010
Next-hop reference count: 5
Next hop: 10.31.1.2 via ge-2/1/8.0 weight 0x1, selected
Label-switched-path europa-d-to-europa-e
Label operation: Push 299776
Label TTL action: prop-ttl
Session Id: 0x201
Next hop: 10.31.2.2 via ge-2/1/4.0 weight 0x4001
Label-switched-path europa-d-to-europa-e
Label operation: Push 299792
Label TTL action: prop-ttl
Session Id: 0x202
State: Active Int
Local AS:
100
Age: 5:31 Metric: 2
Task: RSVP
Announcement bits (1): 0-KRT
AS path: I
OSPF
Preference: 10
Next hop type: Router, Next hop index: 615
Address: 0xb9d78c4
Next-hop reference count: 7
Next hop: 10.31.1.2 via ge-2/1/8.0, selected
Session Id: 0x201
State: Int
Inactive reason: Route Preference
Local AS:
100
Age: 5:35 Metric: 3
Area: 0.0.0.0
Task: OSPF
AS path: I
574
show route label detail (Multipoint LDP Inband Signaling for Point-to-Multipoint LSPs)
user@host> show route label 299872 detail
mpls.0: 13 destinations, 13 routes (13 active, 0 holddown, 0 hidden)
299872 (1 entry, 1 announced)
*LDP
Preference: 9
Next hop type: Flood
Next-hop reference count: 3
Address: 0x9097d90
Next hop: via vt-0/1/0.1
Next-hop index: 661
Label operation: Pop
Address: 0x9172130
Next hop: via so-0/0/3.0
Next-hop index: 654
Label operation: Swap 299872
State: **Active Int>
Local AS: 1001
Age: 8:20
Metric: 1
Task: LDP
Announcement bits (1): 0-KRT
AS path: I
FECs bound to route: P2MP root-addr 10.255.72.166, grp 232.1.1.1,
src 192.168.142.2
show route label detail (Multipoint LDP with Multicast-Only Fast Reroute)
user@host> show route label 301568 detail
mpls.0: 18 destinations, 18 routes (18 active, 0 holddown, 0 hidden)
301568 (1 entry, 1 announced)
*LDP
Preference: 9
Next hop type: Flood
Address: 0x2735208
Next-hop reference count: 3
Next hop type: Router, Next hop index: 1397
Address: 0x2735d2c
Next-hop reference count: 3
Next hop: 1.3.8.2 via ge-1/2/22.0
Label operation: Pop
Load balance label: None;
Next hop type: Router, Next hop index: 1395
Address: 0x2736290
Next-hop reference count: 3
Next hop: 1.3.4.2 via ge-1/2/18.0
Label operation: Pop
Load balance label: None;
State: <Active Int AckRequest MulticastRPF>
Local AS:
10
Age: 54:05
Metric: 1
Validation State: unverified
Task: LDP
Announcement bits (1): 0-KRT
AS path: I
FECs bound to route: P2MP root-addr 1.1.1.1, grp: 232.1.1.1, src:
192.168.219.11
Primary Upstream : 1.1.1.3:0--1.1.1.2:0
RPF Nexthops :
575
576
Syntax
Release Information
577
Display the Routing Engine's forwarding table, including the network-layer prefixes and
their next hops. This command is used to help verify that the routing protocol process
has relayed the correction information to the forwarding table. The Routing Engine
constructs and maintains one or more routing tables. From the routing tables, the Routing
Engine derives a table of active routes, called the forwarding table.
NOTE: The Routing Engine copies the forwarding table to the Packet
Forwarding Engine, the part of the router that is responsible for forwarding
packets. To display the entries in the Packet Forwarding Engine's forwarding
table, use the show pfe route command.
Options
noneDisplay the routes in the forwarding tables. By default, the show route
forwarding-table command does not display information about private, or internal,
forwarding tables.
detail | extensive | summary(Optional) Display the specified level of output.
all(Optional) Display routing table entries for all forwarding tables, including private,
or internal, tables.
bridge-domain (all | bridge-domain-name)(MX Series routers only) (Optional) Display
route entries for all bridge domains or the specified bridge domain.
ccc interface-name(Optional) Display route entries for the specified circuit cross-connect
interface.
destination destination-prefix(Optional) Destination prefix.
family family(Optional) Display routing table entries for the specified family:
fibre-channel, fmembers, inet, inet6, iso, mpls, tnp, unix, vpls, or vlan-classification.
interface-name interface-name(Optional) Display routing table entries for the specified
interface.
label name(Optional) Display route entries for the specified label.
lcc number(TX Matrix and TX matrix Plus routers only) (Optional) On a routing matrix
composed of a TX Matrix router and T640 routers, display information for the
specified T640 router (or line-card chassis) connected to the TX Matrix router. On
a routing matrix composed of the TX Matrix Plus router and T1600 or T4000 routers,
display information for the specified router (line-card chassis) connected to the TX
Matrix Plus router.
578
Replace number with the following values depending on the LCC configuration:
0 through 7, when T1600 routers are connected to a TX Matrix Plus router with 3D
SIBs in a routing matrix.
or prefix length.
multicast(Optional) Display routing table entries for multicast routes.
table (default | logical-system-name/routing-instance-name |
routing-instance-name)(Optional) Display route entries for all the routing tables in
the main routing instance or for the specified routing instance. If your device supports
logical systems, you can also display route entries for the specified logical system
and routing instance. To view the routing instances on your device, use the show
route instance command.
vlan (all | vlan-name)(Optional) Display information for all VLANs or for the specified
VLAN.
vpn vpn(Optional) Display routing table entries for a specified VPN.
Required Privilege
Level
List of Sample Output
view
579
Table 37 on page 580 lists the output fields for the show route forwarding-table command.
Output fields are listed in the approximate order in which they appear. Field names might
be abbreviated (as shown in parentheses) when no level of output is specified, or when
the detail keyword is used instead of the extensive keyword.
Field Description
Level of Output
Logical system
Name of the logical system. This field is displayed if you specify the table
logical-system-name/routing-instance-name option on a device that is configured
for and supports logical systems.
All levels
Routing table
All levels
Address family
Address family (for example, IP, IPv6, ISO, MPLS, and VPLS).
All levels
Destination
detail extensive
How the route was placed into the forwarding table. When the detail keyword
is used, the route type might be abbreviated (as shown in parentheses):
All levels
unreachable.
initialized.
configuration.
Route Reference
(RtRef)
detail extensive
Flags
extensive
cachedCache route.
destination.
Next hop
580
staticStatic route.
detail extensive
Field Description
Level of Output
Next-hop type. When the detail keyword is used, the next-hop type might be
abbreviated (as indicated in parentheses):
detail extensive
broadcast (bcst)Broadcast.
denyDeny.
receive (recv)Receive.
unicast (ucst)Unicast.
unilist (ulst)List of unicast next hops. A packet sent to this next hop goes
Software index of the next hop that is used to route the traffic for a given prefix.
Route
interface-index
Logical interface index from which the route is learned. For example, for interface
routes, this is the logical interface index of the route itself. For static routes, this
field is zero. For routes learned through routing protocols, this is the logical
interface index from which the route is learned.
extensive
Reference (NhRef)
Next-hop interface
(Netif)
Weight
Value used to distinguish primary, secondary, and fast reroute backup routes.
Weight information is available when MPLS label-switched path (LSP) link
protection, node-link protection, or fast reroute is enabled, or when the standby
state is enabled for secondary paths. A lower weight value is preferred. Among
routes with the same weight value, load balancing is possible (see the Balance
field description).
extensive
Balance
extensive
RPF interface
List of interfaces from which the prefix can be accepted. Reverse path forwarding
(RPF) information is displayed only when rpf-check is configured on the interface.
extensive
581
Sample Output
show route forwarding-table
user@host> show route forwarding-table
Routing table: default.inet
Internet:
Destination
Type RtRef Next hop
default
perm
0
0.0.0.0/32
perm
0
1.1.1.0/24
ifdn
0
1.1.1.0/32
iddn
0 1.1.1.0
1.1.1.1/32
user
0
1.1.1.1/32
intf
0 1.1.1.1
1.1.1.1/32
iddn
0 1.1.1.1
1.1.1.255/32
iddn
0 ff:ff:ff:ff:ff:ff
10.0.0.0/24
intf
0
10.0.0.0/32
dest
0 10.0.0.0
10.0.0.1/32
intf
0 10.0.0.1
10.0.0.1/32
dest
0 10.0.0.1
10.0.0.255/32
dest
0 10.0.0.255
10.1.1.0/24
ifdn
0
10.1.1.0/32
iddn
0 10.1.1.0
10.1.1.1/32
user
0
10.1.1.1/32
intf
0 10.1.1.1
10.1.1.1/32
iddn
0 10.1.1.1
10.1.1.255/32
iddn
0 ff:ff:ff:ff:ff:ff
10.206.0.0/16
user
0 10.209.63.254
10.209.0.0/16
user
1 0:12:1e:ca:98:0
10.209.0.0/18
intf
0
10.209.0.0/32
dest
0 10.209.0.0
10.209.2.131/32
intf
0 10.209.2.131
10.209.2.131/32
dest
0 10.209.2.131
10.209.17.55/32
dest
0 0:30:48:5b:78:d2
10.209.63.42/32
dest
0 0:23:7d:58:92:ca
10.209.63.254/32
dest
0 0:12:1e:ca:98:0
10.209.63.255/32
dest
0 10.209.63.255
10.227.0.0/16
user
0 10.209.63.254
...
Routing table: iso
ISO:
Destination
Type RtRef Next hop
Type Index NhRef Netif
default
perm
0
rjct
27
1
47.0005.80ff.f800.0000.0108.0003.0102.5524.5220.00
intf
0
locl
28
1
Routing table: inet6
Internet6:
Destination
Type RtRef Next hop
default
perm
0
ff00::/8
perm
0
ff02::1/128
perm
0 ff02::1
Routing table: ccc
MPLS:
Interface.Label
Type RtRef Next hop
default
perm
0
100004(top)fe-0/0/1.0
582
...
Routing table: private1__.inet
Internet:
Destination
Type RtRef Next hop
default
perm
0
10.0.0.0/8
intf
0
10.0.0.0/32
dest
0 10.0.0.0
10.0.0.4/32
intf
0 10.0.0.4
10.0.0.4/32
dest
0 10.0.0.4
...
Routing table: iso
ISO:
Destination
Type RtRef Next hop
default
perm
0
...
Routing table: mpls
MPLS:
Destination
Type RtRef Next hop
default
perm
0
Route interface-index: 0
583
Index: 262143
Reference: 1
Index: 335
Weight: 22
Reference: 2
Balance: 3
Index: 337
Weight: 33
Reference: 2
Balance: 33
Route interface-index: 0
Index: 132
Reference: 4
Route interface-index: 0
Index: 14
Reference: 1
Route interface-index: 0
Index: 320
Reference: 1
...
Routing table: private1__.inet [Index 1]
Internet:
Destination: default
Route type: permanent
Route reference: 0
Flags: sent to PFE
Next-hop type: reject
Destination: 10.0.0.0/8
Route type: interface
Route reference: 0
Flags: sent to PFE
Next-hop type: resolve
Next-hop interface: fxp1.0
Route interface-index: 0
Index: 46
Reference: 1
Route interface-index: 3
Index: 136
Reference: 1
...
Routing table: iso [Index 0]
ISO:
Destination: default
Route type: permanent
584
Route reference: 0
Flags: sent to PFE
Next-hop type: reject
Route interface-index: 0
Index: 38
Reference: 1
Route interface-index: 0
Destination: ff00::/8
Route type: permanent
Route reference: 0
Flags: sent to PFE
Next-hop type: multicast discard
Route interface-index: 0
Index: 22
Index: 21
Reference: 1
Reference: 1
...
Routing table: private1__.inet6 [Index 1]
Internet6:
Destination: default
Route type: permanent
Route reference: 0
Flags: sent to PFE
Next-hop type: reject
Route interface-index: 0
Index: 54
Reference: 1
Destination: fe80::2a0:a5ff:fe3d:375/128
Route type: interface
Route reference: 0
Route interface-index: 0
Flags: sent to PFE
Nexthop: fe80::2a0:a5ff:fe3d:375
Next-hop type: local
Index: 75
Reference: 1
...
585
Index: 328
Reference: 1
indr
351
4
Push 800000, Push 100002(top)
so-0/0/0.0
so-0/0/0.0
00:90:69:85:b0:1f/48
dynm
indr
351
4
Push 800000, Push 100002(top)
<<<<<<Local CE
ucst
354
2 fe-0/1/0.0
show route forwarding-table vpls (Broadcast, unknown unicast, and multicast (BUM) hashing is enabled)
user@host> show route forwarding-table vpls
Routing table: green.vpls
VPLS:
Enabled protocols: BUM hashing
Destination
Type RtRef Next hop
default
perm
0
lsi.1048832
intf
0
4.4.3.2
ge-3/0/0.0
00:19:e2:25:d0:01/48 user
0
0x30003/51
user
0
ge-2/3/9.0
intf
0
ge-3/1/3.0
intf
0
0x30002/51
user
0
0x30001/51
user
0
586
Type Index
NhRef Netif
dscd
519
1
indr 1048574
4
Push 262145
621
2
ucst
comp
ucst
ucst
comp
comp
590
627
590
619
600
597
5 ge-2/3/9.0
2
5 ge-2/3/9.0
4 ge-3/1/3.0
2
2
show route forwarding-table vpls (Broadcast, unknown unicast, and multicast (BUM) hashing is enabled with
MAC Statistics)
user@host> show route forwarding-table vpls
Routing table: green.vpls
VPLS:
Enabled protocols: BUM hashing, MAC Stats
Destination
Type RtRef Next hop
default
perm
0
lsi.1048834
intf
0
4.4.3.2
ge-3/0/0.0
00:19:e2:25:d0:01/48 user
0
0x30003/51
user
0
ge-2/3/9.0
intf
0
ge-3/1/3.0
intf
0
0x30002/51
user
0
0x30001/51
user
0
Type Index
NhRef Netif
dscd
519
1
indr 1048574
4
Push 262145
592
2
ucst
comp
ucst
ucst
comp
comp
590
630
590
591
627
624
5 ge-2/3/9.0
2
5 ge-2/3/9.0
4 ge-3/1/3.0
2
2
Route interface-index: 72
Index: 289
Index: 291
Reference: 1
Reference: 3
Index: 290
Reference: 3
Route interface-index: 0
Index: 341
Reference: 1
Route interface-index: 69
Index: 293
Index: 363
Reference: 1
Reference: 4
Index: 301
Reference: 5
Index: 291
Reference: 3
Route interface-index: 70
Index: 292
Reference: 1
587
Index: 363
Reference: 4
Index: 301
Reference: 5
Index: 290
Reference: 3
Destination: 10:00:00:01:01:01/48
Route type: dynamic
Route reference: 0
Route interface-index: 70
Flags: sent to PFE, prefix load balance
Next-hop type: unicast
Index: 291
Reference: 3
Next-hop interface: fe-0/1/3.0
Route used as destination:
Packet count:
6640
Byte count:
675786
Route used as source
Packet count:
6894
Byte count:
696424
Destination: 10:00:00:01:01:04/48
Route type: dynamic
Route reference: 0
Route interface-index: 69
Flags: sent to PFE, prefix load balance
Next-hop type: unicast
Index: 290
Reference: 3
Next-hop interface: fe-0/1/2.0
Route used as destination:
Packet count:
96
Byte count:
8079
Route used as source:
Packet count:
296
Byte count:
24955
Destination: 10:00:00:01:03:05/48
Route type: dynamic
Route reference: 0
Route interface-index: 74
Flags: sent to PFE, prefix load balance
Next-hop type: indirect
Index: 301
Reference: 5
Next hop: 10.31.3.2
Next-hop type: Push 800000
Next-hop interface: fe-0/1/1.0
588
10.0.80.3/32
10.0.90.12/30
10.0.90.12/32
10.0.90.14/32
10.0.90.14/32
10.0.90.15/32
10.5.0.0/16
10.10.0.0/16
10.13.10.0/23
10.84.0.0/16
10.150.0.0/16
10.157.64.0/19
10.209.0.0/16
dest
intf
dest
intf
dest
dest
user
user
user
user
user
user
user
0
0
0
0
0
0
0
0
0
0
0
0
0
10.0.80.3
10.0.90.12
10.0.90.14
10.0.90.14
10.0.90.15
192.168.187.126
192.168.187.126
192.168.187.126
192.168.187.126
192.168.187.126
192.168.187.126
192.168.187.126
bcst
rslv
recv
locl
locl
bcst
ucst
ucst
ucst
ucst
ucst
ucst
ucst
677
684
682
683
683
681
324
324
324
324
324
324
324
1
1
1
2
2
1
15
15
15
15
15
15
15
so-0/0/1.0
fe-0/1/0.0
fe-0/1/0.0
fe-0/1/0.0
fxp0.0
fxp0.0
fxp0.0
fxp0.0
fxp0.0
fxp0.0
fxp0.0
...
Routing table: default.iso
ISO:
Destination
Type RtRef Next hop
default
perm
0
589
Logical system: R4
Routing table: vpn-red.inet6
Internet6:
Destination
Type RtRef Next hop
default
perm
0
::/128
perm
0
ff00::/8
perm
0
ff02::1/128
perm
0 ff02::1
Logical system: R4
Routing table: vpn-red.mpls
MPLS:
Destination
Type RtRef Next hop
default
perm
0
590
2
0 224.0.0.1
1 224.0.0.5
0
36
69
1
2
indr
81
3
Push 100004, Push
mdsc
mcst
mcst
bcst
5
1
1
2
3
8
8
3
Release Information
Description
Options
Output Fields
view
Sample Output
show route hidden
user@host> show route hidden
inet.0: 25 destinations, 26 routes (24 active, 0 holddown, 1 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
127.0.0.1/32
[Direct/0] 04:26:38
> via lo0.0
private1__.inet.0: 2 destinations, 3 routes (2 active, 0 holddown, 0 hidden)
red.inet.0: 6 destinations, 8 routes (4 active, 0 holddown, 3 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
10.5.5.5/32
[BGP/170] 03:44:10, localpref 100, from 10.4.4.4
AS path: 100 I
Unusable
10.12.1.0/24
[BGP/170] 03:44:10, localpref 100, from 10.4.4.4
AS path: 100 I
Unusable
591
10.12.80.4/30
...
592
P Prf
D
0
Metric 1
Metric 2
Next hop
>lo0.0
AS path
P
B
B
B
Prf
170
170
170
Metric 1
100
100
100
Metric 2
Next hop
Unusable
Unusable
Unusable
AS path
100 I
100 I
I
Metric 1
Metric 2
Next hop
AS path
100
Unusable
100 I
100
Unusable
100 I
100
Unusable
593
Syntax
Description
Options
Output Fields
view
Sample Output
show route inactive-path
user@host> show route inactive-path
inet.0: 25 destinations, 26 routes (24 active, 0 holddown, 1 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
10.12.100.12/30
594
[Direct/0] 04:39:56
> via fxp1.0
595
P Prf
O 10
Metric 1
1
Metric 2
Next hop
>so-0/3/0.0
AS path
P Prf
D
0
Metric 1
Metric 2
Next hop
>fxp1.0
AS path
P Prf
B 170
Metric 1
100
Metric 2
Next hop
>10.12.80.1
AS path
100 I
596
597
Syntax
Release Information
Description
Options
specify a level of output, the system defaults to brief. (These options are not available
with the operational keyword.)
instance-name(Optional) Display information for all routing instances whose name
begins with this string (for example, cust1, cust11, and cust111 are all displayed when
you run the show route instance cust1 command).
logical-system (all | logical-system-name)(Optional) Perform this operation on all logical
Required Privilege
Level
Related
Documentation
598
view
Example: Configuring the Helper Capability Mode for OSPFv3 Graceful Restart
Output Fields
Table 38 on page 599 lists the output fields for the show route instance command. Output
fields are listed in the approximate order in which they appear.
Field Description
Level of Output
Instance or instance-name
All levels
Type
All levels
State
Interfaces
Restart State
detail
detail
Tables
Route-distinguisher
detail
Vrf-import
detail
Vrf-export
detail
Vrf-import-target
detail
Vrf-export-target
detail
Vrf-edge-protection-id
detail
Fast-reroute-priority
Fast reroute priority setting for a VPLS routing instance: high, medium,
or low. The default is low.
detail
Restart State
Restart state:
detail
Primary rib
Active/holddown/hidden
All levels
599
Sample Output
show route instance
user@host> show route instance
Instance
Type
Primary RIB
master
forwarding
inet.0
iso.0
mpls.0
inet6.0
l2circuit.0
__juniper_private1__ forwarding
__juniper_private1__.inet.0
__juniper_private1__.inet6.0
Active/holddown/hidden
16/0/1
1/0/0
0/0/0
2/0/0
0/0/0
12/0/0
1/0/0
600
1 hidden)
hidden)
hidden)
0 hidden)
0 hidden)
hidden)
hidden)
hidden)
BGP-L.inet.0
: 4 routes (4
Restart Complete
BGP-L.mpls.0
: 3 routes (3
Restart Complete
L2VPN:
Router ID: 0.0.0.0
Type: l2vpn
State: Active
Restart State: Complete Path selection
Interfaces:
t3-0/0/0.512
Route-distinguisher: 10.255.14.176:512
Vrf-import: [ L2VPN-import ]
Vrf-export: [ L2VPN-export ]
Tables:
L2VPN.l2vpn.0
: 2 routes (2
Restart Complete
LDP:
Router ID: 10.69.105.1
Type: vrf
State: Active
Restart State: Complete Path selection
Interfaces:
t3-0/0/0.105
Route-distinguisher: 10.255.14.176:105
Vrf-import: [ LDP-import ]
Vrf-export: [ LDP-export ]
Tables:
LDP.inet.0
: 5 routes (4
Restart Complete
OSPF:
Router ID: 10.69.101.1
Type: vrf
State: Active
Restart State: Complete Path selection
Interfaces:
t3-0/0/0.101
Route-distinguisher: 10.255.14.176:101
Vrf-import: [ OSPF-import ]
Vrf-export: [ OSPF-export ]
Vrf-import-target: [ target:11111
Tables:
OSPF.inet.0
: 8 routes (7
Restart Complete
RIP:
Router ID: 10.69.102.1
Type: vrf
State: Active
Restart State: Complete Path selection
Interfaces:
t3-0/0/0.102
Route-distinguisher: 10.255.14.176:102
Vrf-import: [ RIP-import ]
Vrf-export: [ RIP-export ]
Tables:
RIP.inet.0
: 6 routes (6
Restart Complete
STATIC:
Router ID: 10.69.100.1
Type: vrf
State: Active
Restart State: Complete Path selection
Interfaces:
t3-0/0/0.100
Route-distinguisher: 10.255.14.176:100
Vrf-import: [ STATIC-import ]
timeout: 300
timeout: 300
timeout: 300
timeout: 300
timeout: 300
601
Vrf-export: [ STATIC-export ]
Tables:
STATIC.inet.0
: 4 routes (4 active, 0 holddown, 0 hidden)
Restart Complete
602
1 hidden)
hidden)
hidden)
0 hidden)
0 hidden)
hidden)
hidden)
hidden)
hidden)
hidden)
Vrf-export: [ L2VPN-export ]
Tables:
L2VPN.l2vpn.0
: 2 routes (2
Restart Pending: VPN L2VPN
LDP:
Router ID: 10.69.105.1
Type: vrf
State: Active
Restart State: Pending Path selection
Interfaces:
t3-0/0/0.105
Route-distinguisher: 10.255.14.176:105
Vrf-import: [ LDP-import ]
Vrf-export: [ LDP-export ]
Tables:
LDP.inet.0
: 5 routes (4
Restart Pending: OSPF LDP VPN
OSPF:
Router ID: 10.69.101.1
Type: vrf
State: Active
Restart State: Pending Path selection
Interfaces:
t3-0/0/0.101
Route-distinguisher: 10.255.14.176:101
Vrf-import: [ OSPF-import ]
Vrf-export: [ OSPF-export ]
Tables:
OSPF.inet.0
: 8 routes (7
Restart Pending: OSPF VPN
RIP:
Router ID: 10.69.102.1
Type: vrf
State: Active
Restart State: Pending Path selection
Interfaces:
t3-0/0/0.102
Route-distinguisher: 10.255.14.176:102
Vrf-import: [ RIP-import ]
Vrf-export: [ RIP-export ]
Tables:
RIP.inet.0
: 8 routes (6
Restart Pending: RIP VPN
STATIC:
Router ID: 10.69.100.1
Type: vrf
State: Active
Restart State: Pending Path selection
Interfaces:
t3-0/0/0.100
Route-distinguisher: 10.255.14.176:100
Vrf-import: [ STATIC-import ]
Vrf-export: [ STATIC-export ]
Tables:
STATIC.inet.0
: 4 routes (4
Restart Pending: VPN
timeout: 300
timeout: 300
timeout: 300
timeout: 300
603
lsi.1048832
fe-0/1/0.513
Route-distinguisher: 10.255.37.65:1
Vrf-import: [ __vrf-import-test-vpls-internal__ ]
Vrf-export: [ __vrf-export-test-vpls-internal__ ]
Vrf-import-target: [ target:300:1 ]
Vrf-export-target: [ target:300:1 ]
Vrf-edge-protection-id: 166.1.3.1 Fast-reroute-priority: high
Tables:
test-vpls.l2vpn.0
: 3 routes (3 active, 0 holddown, 0 hidden)
604
Active/holddown/hidden
15/0/1
1/0/0
35/0/0
0/0/0
2/0/0
0/0/0
0/0/0
5/0/0
0/0/0
0/0/0
5/0/0
0/0/0
4/0/0
0/0/0
0/0/0
0/0/0
0/0/0
2/0/0
4/0/0
0/0/0
0/0/0
0/0/0
0/0/0
7/0/0
0/0/0
0/0/0
6/0/0
0/0/0
0/0/0
4/0/0
STATIC.iso.0
STATIC.inet6.0
0/0/0
0/0/0
605
Syntax
Description
Options
Required Privilege
Level
List of Sample Output
Output Fields
view
Sample Output
show route next-hop
user@host> show route next-hop 192.168.71.254
inet.0: 18 destinations, 18 routes (17 active, 0 holddown, 1 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
10.10.0.0/16
10.209.0.0/16
172.16.0.0/12
192.168.0.0/16
606
*[Static/5] 06:26:25
> to 192.168.71.254 via fxp0.0
*[Static/5] 06:26:25
> to 192.168.71.254 via fxp0.0
*[Static/5] 06:26:25
> to 192.168.71.254 via fxp0.0
*[Static/5] 06:26:25
192.168.102.0/23
207.17.136.0/24
207.17.136.192/32
> to 192.168.71.254
*[Static/5] 06:26:25
> to 192.168.71.254
*[Static/5] 06:26:25
> to 192.168.71.254
*[Static/5] 06:26:25
> to 192.168.71.254
via fxp0.0
via fxp0.0
via fxp0.0
via fxp0.0
607
AS path: I
192.168.0.0/16 (1 entry, 1 announced)
*Static Preference: 5
Next-hop reference count: 36
Next hop: 192.168.71.254 via fxp0.0, selected
State: <Active NoReadvrt Int Ext>
Local AS:
1
Age: 6:27:41
Task: RT
Announcement bits (3): 0-KRT 3-Resolve tree 1 5-Resolve tree 2
AS path: I
192.168.102.0/23 (1 entry, 1 announced)
*Static Preference: 5
Next-hop reference count: 36
Next hop: 192.168.71.254 via fxp0.0, selected
State: <Active NoReadvrt Int Ext>
Local AS:
1
Age: 6:27:41
Task: RT
Announcement bits (3): 0-KRT 3-Resolve tree 1 5-Resolve tree 2
AS path: I
207.17.136.0/24 (1 entry, 1 announced)
*Static Preference: 5
Next-hop reference count: 36
Next hop: 192.168.71.254 via fxp0.0, selected
State: <Active NoReadvrt Int Ext>
Local AS:
1
Age: 6:27:41
Task: RT
Announcement bits (3): 0-KRT 3-Resolve tree 1 5-Resolve tree 2
AS path: I
207.17.136.192/32 (1 entry, 1 announced)
*Static Preference: 5
Next-hop reference count: 36
Next hop: 192.168.71.254 via fxp0.0, selected
State: <Active NoReadvrt Int Ext>
Local AS:
1
Age: 6:27:41
Task: RT
Announcement bits (3): 0-KRT 3-Resolve tree 1 5-Resolve tree 2
AS path: I
private1__.inet.0: 2 destinations, 3 routes (2 active, 0 holddown, 0 hidden)
red.inet.0: 4 destinations, 5 routes (4 active, 0 holddown, 0 hidden)
Restart Complete
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
Restart Complete
mpls.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
Restart Complete
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
Restart Complete
private1__.inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
608
609
610
Destination
10.10.0.0/16
10.209.0.0/16
172.16.0.0/12
P Prf
S
5
S
5
S
5
Metric 1
Metric 2
Next hop
>192.168.71.254
>192.168.71.254
>192.168.71.254
AS path
*
*
*
*
192.168.0.0/16
192.168.102.0/23
207.17.136.0/24
207.17.136.192/32
S
S
S
S
5
5
5
5
>192.168.71.254
>192.168.71.254
>192.168.71.254
>192.168.71.254
611
Syntax
Release Information
Description
Options
address ip-addressDisplay entries in the routing table that are to be sent out the interface
Output Fields
612
view
Sample Output
show route output address
user@host> show route output address 36.1.1.1/24
inet.0: 28 destinations, 30 routes (27 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
36.1.1.0/24
*[Direct/0] 00:19:56
> via so-0/1/2.0
[OSPF/10] 00:19:55, metric 1
> via so-0/1/2.0
613
P Prf
D
0
O 10
Metric 1
Metric 2
Next hop
>so-0/1/2.0
>so-0/1/2.0
AS path
10.255.71.241/32
14.1.1.0/24
16.1.1.0/24
36.1.1.0/24
614
P Prf
O 10
Metric 1
2
* 10.255.71.241/32
* 14.1.1.0/24
O
O
10
10
1
3
* 16.1.1.0/24
* 36.1.1.0/24
O
D
O
10
0
10
2
1
Metric 2
Next hop
so-0/1/2.0
>so-0/3/2.0
>so-0/1/2.0
35.1.1.2
>so-0/1/2.0
so-0/3/2.0
>so-0/1/2.0
>so-0/1/2.0
>so-0/1/2.0
AS path
615
616
Syntax
Description
Display the route entries in the routing table that were learned from a particular protocol.
Options
brief | detail | extensive | terse(Optional) Display the specified level of output. If you do
cccCircuit cross-connect
frrPrecomputed protection route or backup route used when a link goes down
l2circuitLayer 2 circuit
617
localLocal address
tunnelDynamic tunnel
NOTE: EX Series switches run a subset of these protocols. See the switch
CLI for details.
Required Privilege
Level
List of Sample Output
618
view
For information about output fields, see the output field tables for the show route
command, the show route detail command, the show route extensive command, or
the show route terse command.
Sample Output
show route protocol access
user@host> show route protocol access
inet.0: 30380 destinations, 30382 routes (30379 active, 0 holddown, 1 hidden)
+ = Active Route, - = Last Active, * = Both
13.160.0.3/32
13.160.0.4/32
13.160.0.5/32
*[Access/13] 00:00:09
> to 13.160.0.2 via fe-0/0/0.0
*[Access/13] 00:00:09
> to 13.160.0.2 via fe-0/0/0.0
*[Access/13] 00:00:09
> to 13.160.0.2 via fe-0/0/0.0
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
619
20.20.1.9/32
20.20.1.10/32
20.20.1.11/32
20.20.1.12/32
20.20.1.13/32
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
[ARP/4294967293]
Unusable
...
620
P Prf
B 170
Metric 1
100
Metric 2
Next hop
>100.1.3.2
AS path
10023 21 I
*[Direct/0] 17w0d
> via fe-1/3/1.0
*[Direct/0] 25w4d
> via lo0.0
*[Direct/0] 17w0d
> via fe-1/3/2.0
*[Direct/0] 25w4d
> via fxp0.0
10:31:49
04:13:18
23:06:26
04:13:20
621
20.20.1.4/32
20.20.1.5/32
20.20.1.6/32
20.20.1.7/32
20.20.1.8/32
20.20.1.9/32
20.20.1.10/32
...
622
*L2CKT
Preference: 7
Next hop: via so-1/1/2.0 weight 1, selected
Label-switched-path my-lsp
Label operation: Push 100000, Push 100000(top)[0] Offset: -4
Protocol next hop: 10.245.255.63
Push 100000 Offset: -4
Indirect next hop: 86af0c0 298
State: <Active Int>
Local AS:
99
Age: 9:52
Task: Common L2 VC
Announcement bits (2): 0-KRT 1-Common L2 VC
AS path: I
623
624
625
10.255.14.179/32
224.0.0.5/32
626
t3-0/2/0.0
t3-0/2/0.0
t3-0/2/0.0
t3-0/2/0.0
t3-0/2/0.0
t3-0/2/0.0
627
Task: RT
Announcement bits (1): 0-KRT
AS path: I
628
Syntax
Release Information
Description
Options
or ripng) and address of the neighboring router from which the route entry was
received.
Additional Information
Required Privilege
Level
List of Sample Output
Output Fields
The output displays the selected routes and the attributes with which they were received,
but does not show the effects of import policy on the routing attributes.
view
629
Field Description
Level of Output
routing-table-name
All levels
number
destinations
Number of destinations for which there are routes in the routing table.
All levels
number routes
Number of routes in the routing table and total number of routes in the following
states:
All levels
active
holddown (routes that are in pending state before being declared inactive)
Prefix
Destination prefix.
none brief
MED
none brief
destination-prefix
(entry, announced)
Destination prefix. The entry value is the number of routes for this destination,
and the announced value is the number of routes being announced for this
destination.
detail extensive
Accepted
LongLivedStale
The LongLivedStale flag indicates that the route was marked LLGR-stale by
this router, as part of the operation of LLGR receiver mode. Either this flag or
the LongLivedStaleImport flag may be displayed for a route. Neither of these
flags are displayed at the same time as the Stale (ordinary GR stale) flag.
detail extensive
Accepted
LongLivedStaleImport
The LongLivedStaleImport flag indicates that the route was marked LLGR-stale
when it was received from a peer, or by import policy. Either this flag or the
LongLivedStale flag may be displayed for a route. Neither of these flags are
displayed at the same time as the Stale (ordinary GR stale) flag.
detail extensive
Accept all received BGP long-lived graceful restart (LLGR) and LLGR stale
routes learned from configured neighbors and import into the inet.0 routing
table
ImportAccepted
LongLivedStaleImport
Accept all received BGP long-lived graceful restart (LLGR) and LLGR stale
routes learned from configured neighbors and imported into the inet.0 routing
table
detail extensive
The LongLivedStaleImport flag indicates that the route was marked LLGR-stale
when it was received from a peer, or by import policy.
Route Distinguisher
detail extensive
Label-Base, range
First label in a block of labels and label block size. A remote PE routing device
uses this first label when sending traffic toward the advertising PE routing device.
detail extensive
VPN Label
Virtual private network (VPN) label. Packets are sent between CE and PE routing
devices by advertising VPN labels. VPN labels transit over either an RSVP or an
LDP label-switched path (LSP) tunnel.
detail extensive
630
Field Description
Level of Output
Next hop
Next hop to the destination. An angle bracket (>) indicates that the route is the
selected route.
All levels
Localpref or
Lclpref
All levels
AS path
Autonomous system (AS) path through which the route was learned. The letters
at the end of the AS path indicate the path origin, providing an indication of the
state of the route at the point at which the AS path originated:
All levels
IIGP.
EEGP.
When AS path numbers are included in the route, the format is as follows:
[ ]Brackets enclose the number that precedes the AS path. This number
order does not matter. A set commonly results from route aggregation. The
numbers in each AS set are displayed in ascending order.
NOTE: In Junos OS Release 10.3 and later, the AS path field displays an
unrecognized attribute and associated hexadecimal value if BGP receives
attribute 128 (attribute set) and you have not configured an independent domain
in any routing instance.
Cluster list
(For route reflected output only) Cluster ID sent by the route reflector.
detail extensive
Originator ID
(For route reflected output only) Address of routing device that originally sent
the route to the route reflector.
detail extensive
Communities
Community path attribute for the route. See the Output Field table in the show
route detail command for all possible values for this field.
detail extensive
AIGP
detail extensive
Attrset AS
Number, local preference, and path of the AS that originated the route. These
values are stored in the Attrset attribute at the originating routing device.
detail extensive
Layer2-info:
encaps
detail extensive
control flags
detail extensive
631
Field Description
Level of Output
mtu
detail extensive
Sample Output
show route receive-protocol bgp
user@host> show route receive-protocol bgp 10.255.245.215
inet.0: 28 destinations,
Prefix
10.22.1.0/24
10.22.2.0/24
632
Localpref: 100
AS path: AS2 PA[6]: 14203 2914 3356 29748 33437 AS_TRANS
AS path: AS4 PA[2]: 33437 393219
AS path: Merged[6]: 14203 2914 3356 29748 33437 393219 I
Communities: 2914:420
633
Accepted
Route Label: 300160
Nexthop: 10.0.0.9
AS path: 13979 7018 I
634
635
Localpref: 100
AS path: I
iso.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
mpls.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
bgp.l3vpn.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
* 10.255.14.174:2:10.49.0.0/30 (1 entry, 0 announced)
Route Distinguisher: 10.255.14.174:2
VPN Label: 101264
Nexthop: 10.255.14.174
Localpref: 100
AS path: I
Communities: target:200:100
AttrSet AS: 100
Localpref: 100
AS path: I
* 10.255.14.174:2:10.255.14.172/32 (1 entry, 0 announced)
Route Distinguisher: 10.255.14.174:2
VPN Label: 101280
Nexthop: 10.255.14.174
Localpref: 100
AS path: I
Communities: target:200:100
AttrSet AS: 100
Localpref: 100
AS path: I
inet6.0: 2 destinations, 2 routes (2 active, 0 holddown, 0 hidden)
636
637
Syntax
Description
Options
this string (for example, inet.0 and inet6.0 are both displayed when you run the show
route table inet command).
Required Privilege
Level
Related
Documentation
List of Sample Output
638
view
Table 29 on page 514 describes the output fields for the show route table command.
Output fields are listed in the approximate order in which they appear.
Field Description
routing-table-name
Restart complete
Pending:protocol-nameList of protocols that have not yet completed graceful restart for this
routing table.
LDP.inet.0
: 5 routes (4 active, 1 holddown, 0 hidden)
Restart Pending: OSPF LDP VPN
This indicates that OSPF, LDP, and VPN protocols did not restart for LDP.inet.0 routing table.
number destinations
Number of destinations for which there are routes in the routing table.
number routes
Number of routes in the routing table and total number of routes in the following states:
holddown (routes that are in the pending state before being declared inactive)
639
Field Description
route-destination
(entry, announced)
Route destination (for example:10.0.0.1/24). The entry value is the number of routes for this destination,
and the announced value is the number of routes being announced for this destination. Sometimes
the route destination is presented in another format, such as:
10.1.1.195:NoCtrlWord:1:1:Local/96).
control-word-statusWhether the use of the control word has been negotiated for this virtual
circuit: NoCtrlWord or CtrlWord.
encapsulation typeType of encapsulation, represented by a number: (1) Frame Relay DLCI, (2)
ATM AAL5 VCC transport, (3) ATM transparent cell transport, (4) Ethernet, (5) VLAN Ethernet,
(6) HDLC, (7) PPP, (8) ATM VCC cell transport, (10) ATM VPC cell transport.
label stacking
(Next-to-the-last-hop routing device for MPLS only) Depth of the MPLS label stack, where the
label-popping operation is needed to remove one or more labels from the top of the stack. A pair of
routes is displayed, because the pop operation is performed only when the stack depth is two or more
labels.
S=0 route indicates that a packet with an incoming label stack depth of 2 or more exits this routing
[protocol, preference]
If there is no S= information, the route is a normal MPLS route, which has a stack depth of 1 (the
label-popping operation is not performed).
Protocol from which the route was learned and the preference value for the route.
+A plus sign indicates the active route, which is the route installed from the routing table into the
forwarding table.
*An asterisk indicates that the route is both the active and the last active route. An asterisk before
a to line indicates the best subpath to the route.
In every routing metric except for the BGP LocalPref attribute, a lesser value is preferred. In order to
use common comparison routines, Junos OS stores the 1's complement of the LocalPref value in the
Preference2 field. For example, if the LocalPref value for Route 1 is 100, the Preference2 value is -101.
If the LocalPref value for Route 2 is 155, the Preference2 value is -156. Route 2 is preferred because it
has a higher LocalPref value and a lower Preference2 value.
Level
(IS-IS only). In IS-IS, a single AS can be divided into smaller groups called areas. Routing between
areas is organized hierarchically, allowing a domain to be administratively divided into smaller areas.
This organization is accomplished by configuring Level 1 and Level 2 intermediate systems. Level 1
systems route within an area. When the destination is outside an area, they route toward a Level 2
system. Level 2 intermediate systems route between areas and toward other ASs.
Route Distinguisher
PMSI
Next-hop type
Type of next hop. For a description of possible values for this field, see Table 32 on page 541.
640
Field Description
Next-hop reference
count
Indicates that the number of flood next-hop branches exceeded the system limit of 32 branches, and
only a subset of the flood next-hop branches were installed in the kernel.
message
Source
Next hop
via
Interface used to reach the next hop. If there is more than one interface available to the next hop, the
name of the interface that is actually used is followed by the word Selected. This field can also contain
the following information:
WeightValue used to distinguish primary, secondary, and fast reroute backup routes. Weight
information is available when MPLS label-switched path (LSP) link protection, node-link protection,
or fast reroute is enabled, or when the standby state is enabled for secondary paths. A lower weight
value is preferred. Among routes with the same weight value, load balancing is possible.
BalanceBalance coefficient indicating how traffic of unequal cost is distributed among next hops
when a routing device is performing unequal-cost load balancing. This information is available
when you enable BGP multipath load balancing.
Label-switched-path
lsp-path-name
Label operation
MPLS label and operation occurring at this routing device. The operation can be pop (where a label
is removed from the top of the stack), push (where another label is added to the label stack), or swap
(where a label is replaced by another label).
Interface
Network layer address of the remote routing device that advertised the prefix. This address is used
to derive a forwarding next hop.
Index designation used to specify the mapping between protocol next hops, tags, kernel export policy,
and the forwarding next hops.
State
State of the route (a route can be in more than one state). See Table 33 on page 543.
Local AS
Age
AIGP
Metricn
Cost value of the indicated route. For routes within an AS, the cost is determined by IGP and the
individual protocol metrics. For external routes, destinations, or routing domains, the cost is determined
by a preference value.
641
Field Description
MED-plus-IGP
Metric value for BGP path selection to which the IGP cost to the next-hop destination has been added.
TTL-Action
For MPLS LSPs, state of the TTL propagation attribute. Can be enabled or disabled for all
RSVP-signaled and LDP-signaled LSPs or for specific VRF routing instances.
Task
Announcement bits
The number of BGP peers or protocols to which Junos OS has announced this route, followed by the
list of the recipients of the announcement. Junos OS can also announce the route to the KRT for
installing the route into the Packet Forwarding Engine, to a resolve tree, a L2 VC, or even a VPN. For
example, n-Resolve inet indicates that the specified route is used for route resolution for next hops
found in the routing table.
AS path
AS path through which the route was learned. The letters at the end of the AS path indicate the path
origin, providing an indication of the state of the route at the point at which the AS path originated:
IIGP.
EEGP.
When AS path numbers are included in the route, the format is as follows:
[ ]Brackets enclose the number that precedes the AS path. This number represents the number
of ASs present in the AS path, when calculated as defined in RFC 4271. This value is used in the
AS-path merge process, as defined in RFC 4893.
[ ]If more than one AS number is configured on the routing device, or if AS path prepending is
configured, brackets enclose the local AS number associated with the AS path.
{ }Braces enclose AS sets, which are groups of AS numbers in which the order does not matter.
A set commonly results from route aggregation. The numbers in each AS set are displayed in
ascending order.
NOTE: In Junos OS Release 10.3 and later, the AS path field displays an unrecognized attribute and
associated hexadecimal value if BGP receives attribute 128 (attribute set) and you have not configured
an independent domain in any routing instance.
validation-state
InvalidIndicates that the prefix is found, but either the corresponding AS received from the EBGP
peer is not the AS that appears in the database, or the prefix length in the BGP update message is
longer than the maximum length permitted in the database.
UnknownIndicates that the prefix is not among the prefixes or prefix ranges in the database.
UnverifiedIndicates that the origin of the prefix is not verified against the database. This is because
the database got populated and the validation is not called for in the BGP import policy, although
origin validation is enabled, or the origin validation is not enabled for the BGP peers.
642
ValidIndicates that the prefix and autonomous system pair are found in the database.
Field Description
Point-to-multipoint root address, multicast source address, and multicast group address when
multipoint LDP (M-LDP) inband signaling is configured.
Primary Upstream
When multipoint LDP with multicast-only fast reroute (MoFRR) is configured, the primary upstream
path. MoFRR transmits a multicast join message from a receiver toward a source on a primary path,
while also transmitting a secondary multicast join message from the receiver toward the source on
a backup path.
RPF Nexthops
When multipoint LDP with MoFRR is configured, the reverse-path forwarding (RPF) next-hop
information. Data packets are received from both the primary path and the secondary paths. The
redundant packets are discarded at topology merge points due to the RPF checks.
Label
Multiple MPLS labels are used to control MoFRR stream selection. Each label represents a separate
route, but each references the same interface list check. Only the primary label is forwarded while all
others are dropped. Multiple interfaces can receive packets using the same label.
weight
Value used to distinguish MoFRR primary and backup routes. A lower weight value is preferred. Among
routes with the same weight value, load balancing is possible.
VC Label
MTU
VLAN ID
Forwarding equivalent class (FEC) bound to this route. Applicable only to routes installed by LDP.
Communities
Community path attribute for the route. See Table 34 on page 545 for all possible values for this field.
Layer2-info: encaps
control flags
mtu
Label-Base, range
First label in a block of labels and label block size. A remote PE routing device uses this first label
when sending traffic toward the advertising PE routing device.
status vector
Accepted Multipath
Accepted
LongLivedStale
The LongLivedStale flag indicates that the route was marked LLGR-stale by this router, as part of the
operation of LLGR receiver mode. Either this flag or the LongLivedStaleImport flag may be displayed
for a route. Neither of these flags are displayed at the same time as the Stale (ordinary GR stale) flag.
643
Field Description
Accepted
LongLivedStaleImport
The LongLivedStaleImport flag indicates that the route was marked LLGR-stale when it was received
from a peer, or by import policy. Either this flag or the LongLivedStale flag may be displayed for a
route. Neither of these flags are displayed at the same time as the Stale (ordinary GR stale) flag.
Accept all received BGP long-lived graceful restart (LLGR) and LLGR stale routes learned from
configured neighbors and import into the inet.0 routing table
ImportAccepted
LongLivedStaleImport
Accept all received BGP long-lived graceful restart (LLGR) and LLGR stale routes learned from
configured neighbors and imported into the inet.0 routing table
The LongLivedStaleImport flag indicates that the route was marked LLGR-stale when it was received
from a peer, or by import policy.
Accepted
MultipathContrib
Localpref
Router ID
In a routing table group, the name of the primary routing table in which the route resides.
Secondary Tables
In a routing table group, the name of one or more secondary tables in which the route resides.
Table 32 on page 541 describes all possible values for the Next-hop Types output field.
644
Next-Hop Type
Description
Broadcast (bcast)
Deny
Discard
Flood
Hold
Indexed (idxd)
Description
Indirect (indr)
Interface
Local (locl)
Multicast (mcst)
Multicast discard.
Receive (recv)
Receive.
Reject (rjct)
Resolve (rslv)
Router
Table
Unicast (ucst)
Unicast.
Unilist (ulst)
Table 33 on page 543 describes all possible values for the State output field. A route can
be in more than one state (for example, <Active NoReadvrt Int Ext>).
645
646
Value
Description
Accounting
Active
Route is active.
AS path
Clone
Route is a clone.
Delete
Ex
Exterior route.
Ext
FlashAll
Hidden
IfCheck
IGP metric
Inactive reason
Flags for this route, which was not selected as best for a
particular destination.
Initial
Int
Interior route.
Int Ext
Local Preference
Martian
Description
MartianOK
No difference
NoReadvrt
NotBest
Route not chosen because it does not have the lowest MED.
NotInstall
Number of gateways
Origin
Pending
Release
RIB preference
Route Distinguisher
Route Preference
Router ID
Secondary
Unusable path
Update source
Table 34 on page 545 describes the possible values for the Communities output field.
647
Description
area-number
4 bytes, encoding a 32-bit area number. For AS-external routes, the value is 0. A nonzero value
identifies the route as internal to the OSPF domain, and as within the identified area. Area
numbers are relative to a particular OSPF domain.
bandwidth: local AS
number:link-bandwidth-number
Link-bandwidth community value used for unequal-cost load balancing. When BGP has
several candidate paths available for multipath purposes, it does not perform unequal-cost
load balancing according to the link-bandwidth community unless all candidate paths have
this attribute.
domain-id
domain-id-vendor
link-bandwidth-number
local AS number
options
1 byte. Currently this is only used if the route type is 5 or 7. Setting the least significant bit in
the field indicates that the route carries a type 2 metric.
origin
ospf-route-type
1 byte, encoded as 1 or 2 for intra-area routes (depending on whether the route came from a
type 1 or a type 2 LSA); 3 for summary routes; 5 for external routes (area number must be0);
7 for NSSA routes; or 129 for sham link endpoint addresses.
route-type-vendor
Displays the area number, OSPF route type, and option of the route. This is configured using
the BGP extended community attribute 0x8000. The format is
area-number:ospf-route-type:options.
rte-type
Displays the area number, OSPF route type, and option of the route. This is configured using
the BGP extended community attribute 0x0306. The format is
area-number:ospf-route-type:options.
target
Defines which VPN the route participates in; target has the format 32-bit IP address:16-bit
number. For example, 10.19.0.0:100.
unknown IANA
Incoming IANA codes with a value between 0x1 and 0x7fff. This code of the BGP extended
community attribute is accepted, but it is not recognized.
Incoming IANA codes with a value above 0x8000. This code of the BGP extended community
attribute is accepted, but it is not recognized.
Sample Output
show route table bgp.l2.vpn
user@host> show route table bgp.l2.vpn
bgp.l2vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
648
192.168.24.1:1:4:1/96
*[BGP/170] 01:08:58, localpref 100, from 192.168.24.1
AS path: I
> to 10.0.16.2 via fe-0/0/1.0, label-switched-path am
649
Task: BGP_35.10.255.245.12+179
Announcement bits (1): 0-BGP.0.0.0.0+179
AS path: 30 10458 14203 2914 11853 11853 11853 6496 6496 6496 6496 6496 6496 I
Communities: 2914:410 target:12:34 target:11111:1 origin:12:34
VPN Label: 182465
Localpref: 100
Router ID: 10.255.245.12
10.255.245.12:1:4.17.226.0/23 (1 entry, 1 announced)
*BGP
Preference: 170/-101
Route Distinguisher: 10.255.245.12:1
Source: 10.255.245.12
Next hop: 192.168.208.66 via fe-0/0/0.0, selected
Label operation: Push 182465
Protocol next hop: 10.255.245.12
Push 182465
Indirect next hop: 86bd210 330
State: <Active Int Ext>
Local AS:
35 Peer AS:
35
Age: 12:19
Metric2: 1
Task: BGP_35.10.255.245.12+179
Announcement bits (1): 0-BGP.0.0.0.0+179
AS path: 30 10458 14203 2914 11853 11853 11853 6496 6496 6496 6496 6496
6496 I
Communities: 2914:410 target:12:34 target:11111:1 origin:12:34
VPN Label: 182465
Localpref: 100
Router ID: 10.255.245.12
10.255.245.12:1:4.17.251.0/24 (1 entry, 1 announced)
*BGP
Preference: 170/-101
Route Distinguisher: 10.255.245.12:1
Source: 10.255.245.12
Next hop: 192.168.208.66 via fe-0/0/0.0, selected
Label operation: Push 182465
Protocol next hop: 10.255.245.12
Push 182465
Indirect next hop: 86bd210 330
State: <Active Int Ext>
Local AS:
35 Peer AS:
35
Age: 12:19
Metric2: 1
Task: BGP_35.10.255.245.12+179
Announcement bits (1): 0-BGP.0.0.0.0+179
AS path: 30 10458 14203 2914 11853 11853 11853 6496 6496 6496 6496 6496
6496 I
Communities: 2914:410 target:12:34 target:11111:1 origin:12:34
VPN Label: 182465
Localpref: 100
show route table bgp.rtarget.0 (When Proxy BGP Route Target Filtering Is Configured)
user@host> show route table bgp.rtarget.o
bgp.rtarget.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
100:100:100/96
*[RTarget/5] 00:03:14
Type Proxy
for 10.255.165.103
650
for 10.255.166.124
Local
*[Static/5] 00:51:57
> to 111.222.5.254 via fxp0.0
*[Direct/0] 00:51:58
> via at-5/3/0.0
*[Local/0] 00:51:58
Local
*[Local/0] 00:51:57
Reject
*[Direct/0] 00:51:58
> via t3-5/2/1.0
*[Local/0] 00:51:58
Local
*[Local/0] 00:51:58
Local
*[Direct/0] 00:33:59
> via t3-5/2/0.0
[Direct/0] 00:51:58
> via lo0.0
*[Direct/0] 00:51:58
> via fxp0.0
651
111.222.5.81/32
*[Local/0] 00:51:58
Local
652
100049
100049
100049
100049
653
100002(S=0)
100003
100004
so-0/1/0.1
so-0/1/0.2
100049(top)
100049(top)
100049(top) Offset: -4
100049(top) Offset: -4
654
655
label-switched-path lsp1_p2p
label-switched-path lsp1_p2p
Pop
Pop
656
10.255.71.18/32
10.255.71.15
657
10.255.245.245/32
10.255.245.246/32
658
the originator of the locally advertised route. Routes advertised by remote PEs are, as
usual, always learned locally from their respective [BGP/...] protocol.
user@host> show route table MVPN.mvpn.0
MVPN.mvpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
7:10.255.2.202:65535:65000:128:::192.168.90.2:128:ffff::1/432
*[PIM/70] 00:02:37, metric2 1
Indirect
5:100:32:192.168.1.9:32:239.1.1.1/240
*[PIM/105] 01:51:21
Multicast (IPv4)
7:100:1:100.32.192.168.5:32:237.1.1.1/240
*[PIM/105] 01:51:21
Multicast (IPv4)
659
1.1.1.4:100:1:0/96 MH
*[BGP/170] 1d 03:11:02, localpref 100, from 1.1.1.4
AS path: I, validation-state: unverified
>
via ge-1/2/1.5
1.1.1.4:NoCtrlWord:5:100:100:1.1.1.2:1.1.1.4/176
*[VPLS/7] 1d 03:11:02, metric2 1
>
via ge-1/2/1.5
1.1.1.4:NoCtrlWord:5:100:100:1.1.1.4:1.1.1.2/176
*[LDP/9] 1d 03:11:02
Discard
user@host> show route table red extensive
red.inet.0: 364481 destinations, 714087 routes (364480 active, 48448 holddown, 1
hidden)
22.0.0.0/32 (3 entries, 1 announced)
State: <OnList CalcForwarding>
TSI:
KRT in-kernel 22.0.0.0/32 -> {composite(1048575)} Page 0 idx 1 Type 1 val 0x934342c
Nexthop: Self
AS path: [2] I
Communities: target:2:1
Path 22.0.0.0 from 2.3.0.0 Vector len 4. Val: 1
@BGP
Preference: 170/-1
Route Distinguisher: 2:1
Next hop type: Indirect
Address: 0x258059e4
Next-hop reference count: 2
Source: 2.2.0.0
Next hop type: Router
Next hop: 10.1.1.1 via ge-1/1/9.0, selected
Label operation: Push 707633
Label TTL action: prop-ttl
Session Id: 0x17d8
Protocol next hop: 2.2.0.0
Push 16
Composite next hop: 0x25805988 - INH Session ID: 0x193c
Indirect next hop: 0x23eea900 - INH Session ID: 0x193c
State: <Secondary Active Int Ext ProtectionPath ProtectionCand>
Local AS:
2 Peer AS:
2
Age: 23
Metric2: 35
Validation State: unverified
Task: BGP_2.2.2.0.0+34549
AS path: I
Communities: target:2:1
Import Accepted
VPN Label: 16
Localpref: 0
Router ID: 2.2.0.0
Primary Routing Table bgp.l3vpn.0
Composite next hops: 1
Protocol next hop: 2.2.0.0 Metric: 35
Push 16
Composite next hop: 0x25805988 - INH Session ID: 0x193c
Indirect next hop: 0x23eea900 - INH Session ID: 0x193c
Indirect path forwarding next hops: 1
Next hop type: Router
Next hop: 10.1.1.1 via ge-1/1/9.0
Session Id: 0x17d8
2.2.0.0/32 Originating RIB: inet.3
Metric: 35
Node path count: 1
660
BGP
Forwarding nexthops: 1
Nexthop: 10.1.1.1 via ge-1/1/9.0
Preference: 170/-1
Route Distinguisher: 2:1
Next hop type: Indirect
Address: 0x9347028
Next-hop reference count: 3
Source: 2.3.0.0
Next hop type: Router, Next hop index: 702
Next hop: 10.1.4.2 via ge-1/0/0.0, selected
Label operation: Push 634278
Label TTL action: prop-ttl
Session Id: 0x17d9
Protocol next hop: 2.3.0.0
Push 16
Composite next hop: 0x93463a0 1048575 INH Session ID: 0x17da
Indirect next hop: 0x91e8800 1048574 INH Session ID: 0x17da
State: <Secondary NotBest Int Ext ProtectionPath ProtectionCand>
Inactive reason: Not Best in its group - IGP metric
Local AS:
2 Peer AS:
2
Age: 3:34
Metric2: 70
Validation State: unverified
Task: BGP_2.2.3.0.0+32805
Announcement bits (2): 0-KRT 1-BGP_RT_Background
AS path: I
Communities: target:2:1
Import Accepted
VPN Label: 16
Localpref: 0
Router ID: 2.3.0.0
Primary Routing Table bgp.l3vpn.0
Composite next hops: 1
Protocol next hop: 2.3.0.0 Metric: 70
Push 16
Composite next hop: 0x93463a0 1048575 INH Session ID:
0x17da
Indirect next hop: 0x91e8800 1048574 INH Session ID:
0x17da
Indirect path forwarding next hops: 1
Next hop type: Router
Next hop: 10.1.4.2 via ge-1/0/0.0
Session Id: 0x17d9
2.3.0.0/32 Originating RIB: inet.3
Metric: 70
Node path count: 1
Forwarding nexthops: 1
Nexthop: 10.1.4.2 via ge-1/0/0.0
#Multipath Preference: 255
Next hop type: Indirect
Address: 0x24afca30
Next-hop reference count: 1
Next hop type: Router
Next hop: 10.1.1.1 via ge-1/1/9.0, selected
Label operation: Push 707633
Label TTL action: prop-ttl
Session Id: 0x17d8
Next hop type: Router, Next hop index: 702
Next hop: 10.1.4.2 via ge-1/0/0.0
Label operation: Push 634278
Label TTL action: prop-ttl
Session Id: 0x17d9
661
662
Syntax
Release Information
Description
NOTE: For BGP routes, the show route terse command displays the local
preference attribute and MED instead of the metric1 and metric2 values. This
is mostly due to historical reasons.
To display the metric1 and metric2 value of a BGP route, use the show route
extensive command.
Options
view
Output Fields
Table 44 on page 663 describes the output fields for the show route terse command.
Output fields are listed in the approximate order in which they appear.
Field Description
routing-table-name
number destinations
Number of destinations for which there are routes in the routing table.
number routes
Number of routes in the routing table and total number of routes in the following states:
holddown (routes that are in the pending state before being declared inactive)
663
Field Description
route key
+A plus sign indicates the active route, which is the route installed from the routing table into the
forwarding table.
*An asterisk indicates that the route is both the active and the last active route. An asterisk before
a to line indicates the best subpath to the route.
?Not evaluated. Indicates that the route was not learned through BGP.
IInvalid. Indicates that the prefix is found, but either the corresponding AS received from the EBGP
peer is not the AS that appears in the database, or the prefix length in the BGP update message is
longer than the maximum length permitted in the database.
NUnknown. Indicates that the prefix is not among the prefixes or prefix ranges in the database.
VValid. Indicates that the prefix and autonomous system pair are found in the database.
Destination
AAggregate
BBGP
CCCC
DDirect
GGMPLS
IIS-IS
KKernel
MMPLS, MSDP
OOSPF
PPIM
RRIP, RIPng
SStatic
TTunnel
Prf
Preference value of the route. In every routing metric except for the BGP LocalPref attribute, a lesser
value is preferred. In order to use common comparison routines, Junos OS stores the 1's complement
of the LocalPref value in the Preference2 field. For example, if the LocalPref value for Route 1 is 100,
the Preference2 value is -101. If the LocalPref value for Route 2 is 155, the Preference2 value is -156.
Route 2 is preferred because it has a higher LocalPref value and a lower Preference2 value.
Metric 1
First metric value in the route. For routes learned from BGP, this is the MED metric.
Metric 2
Second metric value in the route. For routes learned from BGP, this is the IGP metric.
664
Field Description
Next hop
Next hop to the destination. An angle bracket (>) indicates that the route is the selected route.
AS path
AS path through which the route was learned. The letters at the end of the AS path indicate the path
origin, providing an indication of the state of the route at the point at which the AS path originated:
IIGP.
EEGP.
Sample Output
show route terse
user@host> show route terse
inet.0: 10 destinations, 12 routes (10 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
A V Destination
* ? 1.0.1.1/32
?
unverified
* ? 1.1.1.1/32
* V 2.2.0.2/32
valid
* ? 10.0.0.0/30
?
unverified
* ? 10.0.0.1/32
* ? 10.0.0.4/30
unverified
* ? 10.0.0.8/30
unverified
* I 172.16.1.1/32
invalid
* N 192.168.2.3/32
unknown
* ? 224.0.0.5/32
P Prf
O 10
B 170
D
0
B 170
D
0
B 170
L
0
B 170
Metric 1
1
100
Metric 2
Next hop
>10.0.0.2
AS path
I
>10.0.0.2
>lo0.2
110
200 I
>10.0.0.2
>lt-1/2/0.1
100
I
>10.0.0.2
Local
100
I
>10.0.0.2
B 170
100
I
>10.0.0.2
B 170
90
200 I
>10.0.0.2
B 170
O
10
100
1
200 I
>10.0.0.2
MultiRecv
665
Release Information
Description
Options
Required Privilege
Level
List of Sample Output
Output Fields
view
666
Field Name
Field Description
Level of
Output
keychain
All levels
Active-ID Send
All levels
Active-ID Receive
All levels
Next-ID Send
All levels
Next-ID Receive
All levels
Transition
All levels
Tolerance
All levels
Field Name
Field Description
Id
detail
Algorithm
detail
State
detail
receive
send
send-receive
detail
detail
667
Field Description
Level of
Output
Mode
detail
receive
send
send-receive
Sample Output
show security keychain brief
user@host> show security keychain brief
keychain
Active-ID
Send Receive
hakr
3
3
Next-ID
Send Receive
1
1
Transition
Tolerance
1d 23:58
3600
668
Tolerance
3600
test policy
Syntax
Release Information
Description
NOTE: If you are using the test policy command on a logical system, you must
first set the CLI to the logical system context. For example, if you want to test
a routing policy that is configured on logical system R2, first run the set cli
logical-system R2 command.
Options
policy-nameName of a policy.
prefixDestination prefix to match.
Additional Information
Required Privilege
Level
Related
Documentation
All prefixes in the default unicast routing table (inet.0) that match prefixes that are the
same as or longer than the specific prefix are processed by the from clause in the specified
policy. All prefixes accepted by the policy are displayed. The test policy command
evaluates a policy differently from the BGP import process. When testing a policy that
contains an interface match condition in the from clause, the test policy command uses
the match condition. In contrast, BGP does not use the interface match condition when
evaluating the policy against routes learned from internal BGP (IBGP) or external BGP
(EGBP) multihop peers.
view
Sample Output
test policy
user@host> test policy test-statics 3.0.0.1/8
inet.0: 44 destinations, 44 routes (44 active, 0 holddown, 0 hidden)
Prefixes passing policy:
669
3.0.0.0/8
670
traceroute clns
Syntax
Release Information
Description
Options
through 1 day.
Required Privilege
Level
List of Sample Output
Output Fields
network
Field Description
source
traceroute to
hops max
byte packets
Sample Output
traceroute clns
user@host>traceroute clns <ISO address of the destination> source <ISO address of the source>
traceroute clns 49.0005.80ff.f800.0000.0108.0001.0102.5522.4145.00 source
47.0005.80ff.f800.0000.0108.0001.0102.5522.4143.00
clnstraceroute to 49.0005.80ff.f800.0000.0108.0001.0102.5522.4145.00 from
47.0005.80ff.f800.0000.0108.0001.0102.5522.4143.00, 30 hops max, 17 byte packets
671
1
ms
2
3
4
5
ms
672
47.0005.80ff.f800.0000.0108.0001.0010.0010.0010.00
7.080 ms
5.579 ms
5.882
* * *
* * *
* * *
49.0005.80ff.f800.0000.0108.0001.0102.5522.4145.00
11.325 ms
7.704 ms
5.261
PART 5
Index
673
674
BFD
Index
Symbols
#, comments in configuration statements.................xviii
( ), in syntax descriptions..................................................xviii
< >, in syntax descriptions.................................................xviii
[ ], in configuration statements.......................................xviii
{ }, in configuration statements......................................xviii
| (pipe), in syntax descriptions........................................xviii
A
adjacencies
IS-IS, verifying ...............................................................281
advertisements, displaying ..............................................524
alias option for static-host-mapping
statement...........................................................................407
alias statement.....................................................................407
authentication
algorithm
IS-IS............................................................................33
IS-IS.....................................................................................33
keychains
IS-IS............................................................................33
authentication configuration
BFD.....................................................................................119
authentication-algorithm statement
IS-IS
usage guidelines....................................................34
authentication-key statement
IS-IS...................................................................................319
usage guidelines..............................................31, 34
authentication-key-chain statement...........................320
IS-IS
usage guidelines....................................................34
authentication-type statement
IS-IS...................................................................................321
usage guidelines.....................................................31
B
backup-spf-options statement
IS-IS..................................................................................323
best routes, displaying.........................................................531
authentication configuration....................................119
protocol...........................................................................109
sessions
clearing...................................................................420
displaying...............................................................441
BFD authentication
for IS-IS.............................................................................122
bfd-liveness-detection statement
IS-IS..................................................................................324
usage guidelines..................................................109
bfd-per-address-family
IS-IS..................................................................................324
BGP
communities
policy, routing..........................................................97
BGP (Border Gateway Protocol)
export policy for CLNS................................................241
Bidirectional Forwarding Detection See BFD
braces, in configuration statements..............................xviii
brackets
angle, in syntax descriptions...................................xviii
square, in configuration statements.....................xviii
C
checksum
for IS-IS..............................................................................39
checksum statement..........................................................326
clear bfd adaptation command......................................419
clear bfd session command............................................420
clear isis adjacency command.........................................421
clear isis database command.........................................423
clear isis overload command...........................................425
clear isis statistics command...........................................427
CLNP (Connectionless Network Protocol)......................3
CLNS (Connectionless Network Service) VPNs
BGP export policy.........................................................241
IS-IS...................................................................................241
CLNS node reachability, checking.................................429
clns-routing statement
IS-IS...................................................................................327
clns-updown-compatibility statement
IS-IS..................................................................................328
comments, in configuration statements.....................xviii
communities
policy, routing...................................................................97
community
example............................................................................98
complete sequence number PDUs, IS-IS........................6
675
conditions
routing policy...................................................................511
Configuring Remote LFA Backup over LDP Tunnels
in an IS-IS Network...........................................................175
connections
testing
CLNS connections.............................................429
context-identifier
IS-Is...................................................................................329
conventions
text and syntax..............................................................xvii
credibility-protocol-preference
traffic engineering
IS-IS..........................................................................413
csn (tracing flag)..................................................................410
csn, IS-IS protocol tracing flag........................................295
csnp-interval statement...................................................330
usage guidelines..........................................................229
curly braces, in configuration statements...................xviii
customer support...................................................................xix
contacting JTAC..............................................................xix
D
default route
configuring on logical systems................................257
delay statement
IS-IS.................................................................................405
delete routing-options static route command..........277
designated router, IS-IS
about..................................................................................28
configuring election priority.......................................29
detail statement
IS-IS protocol......................................................294, 297
detection-time statement
IS-IS..................................................................................324
disable statement
IS-IS..................................................................................332
graceful restart.....................................................337
LDP synchronization..........................................333
documentation
comments on..................................................................xix
dual stacking
IS-IS...................................................................................144
dynamic overload bit, resetting for IS-IS.....................425
E
error (tracing flag)
IS-IS...................................................................................410
export route information, displaying............................556
676
export statement
IS-IS..................................................................................334
usage guidelines....................................................98
external-preference statement
IS-IS..................................................................................335
F
family statement
IS-IS..................................................................................336
usage guidelines...................................................191
FAQs
routing protocol process memory.........................301
flag statements
IS-IS protocol............................................294, 297, 299
font conventions....................................................................xvii
forwarding adjacencies
IS-IS..................................................................................205
forwarding table
route entries, displaying.............................................577
G
graceful restart......................................................................344
graceful-restart (tracing flag)
IS-IS...................................................................................410
graceful-restart statement
IS-IS...................................................................................337
H
hello
IS-IS protocol tracing flag........................................296
statement
IS-IS protocol.............................................294, 299
hello (tracing flag)
IS-IS...................................................................................410
hello packets
IS-IS.......................................................................................6
hello-authentication-key statement............................338
hello-authentication-key-chain statement...............339
hello-authentication-type statement.........................340
hello-interval statement
IS-IS...................................................................................341
hello-padding statement..................................................342
helper-disable statement
IS-IS...................................................................................337
hidden routes, displaying...................................................591
hold-time statement
IS-IS..................................................................................344
LDP synchronization..........................................345
Index
holddown statement
IS-IS.................................................................................405
hostnames
IS-IS, displaying............................................................487
I
ignore-attached-bit statement......................................346
ignore-lsp-metrics statement
IS-IS..................................................................................347
IGP
shortcuts
overview..................................................................190
inet statement.......................................................................407
inet6 statement....................................................................407
interface statement
IS-IS..................................................................................348
interfaces
IS-IS, verifying................................................................281
ipv4-multicast statement.................................................353
usage guidelines...........................................................128
ipv4-multicast-metric statement..................................354
usage guidelines...........................................................128
IPv6
IS-IS...................................................................................144
ipv6-multicast statement.................................................355
ipv6-multicast-metric statement..................................355
ipv6-unicast statement.....................................................356
usage guidelines...........................................................150
ipv6-unicast-metric statement.......................................357
IS-IS
addresses............................................................................4
adjacency database entries, clearing
all...............................................................................421
authentication........................................31, 33, 319, 378
CSNP.......................................................................378
hello.........................................................................383
hitless keychain......................................................34
PSNP.......................................................................387
authentication keychain.................................320, 339
authentication, displaying.............................457, 666
backup coverage
displaying..............................................................459
backup MPLS LSPs.....................................................461
backup paths
SPF calculations.................................................470
backup-spf-options statement....................323, 401
BFD..........................................................................109, 324
CLNS.......................................................................327, 328
677
normal.....................................................................373
traffic engineering..............................................408
wide.................................................................213, 416
multicast topologies........................127, 128, 353, 355
IPv4..........................................................................383
IPv6..........................................................................385
multilevel..........................................................................20
neighbors, displaying.................................................450
network PDUs....................................................................4
no-eligible-backup statement...............................382
node link protection............................................162, 381
NSAP.....................................................................................4
overloaded, marking router as...............................389
padding...........................................................................342
partial sequence number PDUs........................6, 410
PDUs......................................................................................6
point-to-point interface............................................393
policy, routing........................................................98, 334
preferences..................................................98, 335, 394
prefix limit......................................................................395
redistributing OSPF routes into................................83
remote-backup
IPv4..........................................................................382
route tagging..................................................................107
routes, displaying.........................................................497
routing domains...........................................................363
RSVP LSP backup paths...........................................162
SPF calculations, displaying....................................501
SPF delay calculations...............................................410
supported software standards...................................8
topology.........................................................................409
tracing operations........................................................410
traffic engineering support...........191, 332, 404, 413
traffic statistics
clearing....................................................................427
displaying..............................................................506
wide metrics...................................................................213
IS-IS (Intermediate System-to-Intermediate
System)
about designated routers...........................................28
BFD authentication......................................................122
checksum..........................................................................39
configuring.........................................................................14
configuring designated router election
priority............................................................................29
for CLNS route exchange...........................................241
678
IS-IS protocol........................................................................290
adjacencies
status......................................................................293
verifying ..................................................................281
broken network topology, figure ............................279
configuration
Level 1 router .......................................................290
Level 1/Level 2 router .......................................288
Level 2 router .......................................................292
configuration, verifying..............................................282
detail statement................................................294, 297
displaying details.........................................................294
flag statement..........................................294, 297, 299
hello statement...........................................................299
interfaces, verifying .....................................................281
link-state PDUs
analyzing in detail...............................................297
lsp statement................................................................297
network topology
detailed figure......................................................288
figure ......................................................................294
levels, figure .........................................................287
receive statement.......................................................299
run show isis interface command.........................289
run show log command..................................295, 299
send statement...........................................................299
set flag command...................................294, 297, 299
show configuration protocols isis
command...................................................................282
show isis adjacency command...............................281
show isis interface command .................................281
show mpls lsp extensive command..........280, 284
trace messages............................................................294
tracing
configuring............................................................298
flags, table.............................................................295
verifying...........................................................................279
isis statement........................................................................358
ISO
addresses............................................................................4
system identifier...............................................................4
K
keychain
IS-IS.....................................................................................33
Index
L
label-switched-path statement
IS-IS..................................................................................359
usage guidelines.................................................205
ldp-synchronization statement
IS-IS.................................................................................360
usage guidelines...................................................217
level statement
IS-IS
interfaces...............................................................363
protocol...................................................................361
usage guidelines.............................................................20
link-protection statement
IS-IS..........................................................................161, 364
link-state PDUs..........................................................................6
link-state PDUs, analyzing IS-IS.....................................297
logical systems
configuring default route...........................................257
configuring IS-IS..................................................247, 257
configuring routing policy.........................................257
overview..........................................................................245
loose-authentication-check statement
IS-IS..................................................................................364
usage guidelines.............................................................33
lsp
IS-IS protocol
statement .............................................................297
tracing flag............................................................296
lsp (tracing flag)....................................................................410
lsp-equal-cost statement................................................365
lsp-generation (tracing flag)............................................410
lsp-generation, IS-IS protocol tracing flag.................296
lsp-interval statement.......................................................366
usage guidelines...........................................................224
lsp-lifetime statement........................................................367
LSPs
IGP shortcuts.................................................................190
M
manuals
comments on..................................................................xix
max-areas statement........................................................368
max-hello-size statement................................................369
max-lsp-size statement....................................................370
max-snp-size statement....................................................371
mesh groups.................................................................234, 372
mesh-group statement......................................................372
usage guidelines..........................................................234
metric statement
IS-IS...................................................................................373
metrics
IS-IS.................................................................................400
minimum-interval statement
IS-IS..................................................................................324
minimum-receive-interval statement
IS-IS..................................................................................324
usage guidelines..................................................109
multicast-rpf-routes statement.....................................374
multilevel IS-IS........................................................................20
multipath statement
IS-IS...................................................................................375
multiplier statement
IS-IS..................................................................................324
usage guidelines..................................................109
N
network PDUs.............................................................................4
network service access point................................................4
network topology
IS-IS protocol, detailed figure................................288
IS-IS protocol, figure..................................................293
levels IS-IS protocol, figure......................................287
next hops
routes sent to, displaying.........................................606
no-adaptation statement
BFD (IS-IS)
usage guidelines..................................................109
IS-IS..................................................................................324
no-adjacency-down-notification statement
IS-IS..................................................................................376
no-adjacency-holddown statement.............................377
no-authentication-check statement............................378
usage guidelines..............................................................31
no-csnp-authentication statement..............................378
usage guidelines..............................................................31
no-eligible-backup statement
IS-IS..................................................................................382
no-eligible-remote-backup statement.......................382
no-hello-authentication statement..............................383
usage guidelines..............................................................31
no-ipv4-multicast statement..........................................383
no-ipv4-routing statement..............................................384
no-ipv6-multicast statement.........................................385
no-ipv6-routing statement..............................................386
no-ipv6-unicast statement..............................................387
no-psnp-authentication statement..............................387
usage guidelines..............................................................31
679
no-unicast-topology statement....................................388
node-link-protection statement.....................................381
usage guidelines
IS-IS..........................................................................162
NPDUs...........................................................................................4
NSAP..............................................................................................4
O
OSPF
redistributing routes into IS-IS..................................83
overload bit, resetting for IS-IS.......................................425
overload statement
IS-IS..................................................................................389
P
packets
IS-IS protocol tracing flag........................................296
received...........................................................................298
sent...................................................................................298
packets (tracing flag)
IS-IS...................................................................................410
parentheses, in syntax descriptions..............................xviii
partial sequence number PDUs..........................................6
passive statement
IS-IS..................................................................................392
PDUs..............................................................................................6
ping clns command............................................................429
ping command
network
problems, identifying.........................................275
problems, identifying solutions.....................278
point-to-point statement.................................................393
policy, routing
communities....................................................................97
framework........................................................................43
IS-IS..........................................................................98, 334
overview.............................................................................43
preference statement
IS-IS..................................................................................394
preferences
IS-IS........................................................................335, 394
prefix limit
IS-IS..................................................................................395
prefix-export-limit statement
IS-IS..................................................................................395
priority statement
IS-IS..................................................................................396
processes
restarting..........................................................................431
680
protocols statement............................................................397
psn (tracing flag)..................................................................410
psn, IS-IS protocol tracing flag.......................................296
PSNP IS-IS...................................................................................6
R
rapid-runs statement
IS-IS.................................................................................405
receive statements
IS-IS protocol................................................................299
redistributing routes
OSPF into IS-IS...............................................................83
reference-bandwidth statement
IS-IS.................................................................................400
Remote LFA for LDP Tunnels in IS-IS.............................174
remote-backup-calculation statement
IS-IS...................................................................................401
restart command..................................................................431
restart-duration statement
IS-IS...................................................................................337
restarting
software processes.....................................................431
RFC 3719, Recommendations for Interoperable
Networks using Intermediate System to
Intermediate System (IS-IS)............................................8
rib-group statement
IS-IS..................................................................................402
route advertisements, displaying...................................524
route, displaying
next-hop........................................................................606
routers
configuration
IS-IS protocol ......................................................290
Level 1 IS-IS, configuring...........................................290
Level 1/Level 2 IS-IS, configuring...........................288
Level 2 IS-IS, configuring..........................................292
routes, displaying
active.................................................................................513
active path......................................................................519
advertising protocol....................................................524
all.......................................................................................529
best....................................................................................531
brief information..........................................................534
detailed information..................................................536
extensive information................................................559
hidden...............................................................................591
in a specific routing table.........................................638
in the forwarding table...............................................577
inactive path.................................................................594
Index
instances........................................................................598
learned from a specific protocol.............................617
matching the specified address............................554
policy-based route export.......................................556
received through a neighbor...................................629
sent to a specific interface........................................612
terse information.........................................................663
routing policies
BGP export, for CLNS..................................................241
displaying.......................................................................509
testing the configuration for...................................669
routing policy See policy, routing
configuring on logical systems................................257
routing protocol process memory
FAQs..................................................................................301
routing-instances statement..........................................403
run show isis interface command.............289, 290, 292
run show log command
IS-IS protocol ...........................................295, 297, 299
S
send statement
IS-IS protocol................................................................299
set flag command
IS-IS protocol ...........................................294, 297, 299
set flag hello detail command .......................................294
set flag hello send command ........................................299
set flag lsp detail command ............................................297
shortcuts statement
IS-IS.................................................................................404
usage guidelines...................................................191
shortest path first.................................................................501
show bfd session command............................................441
show configuration command........................................276
show configuration protocols isis command ...........282
show isis adjacency brief command................................18
show isis adjacency command ............................281, 450
show isis adjacency extensive command......................18
explanation.......................................................................19
show isis authentication command..............................457
show isis backup coverage...............................................459
show isis backup spf results............................................470
show isis context-identifier command.........................473
show isis database command.........................................475
show isis hostname command.......................................487
show isis interface command......................238, 281, 489
show isis overview command.........................................493
show isis route command.................................................497
show isis spf command......................................................501
681
T
te-metric statement
IS-IS.................................................................................408
technical support
contacting JTAC..............................................................xix
test policy command.........................................................669
threshold statement
IS-IS..................................................................................324
usage guidelines..................................................109
topologies statement........................................................409
traceoptions statement
IS-IS...................................................................................410
routing protocols
description.............................................................267
traceroute clns command..................................................671
traceroute command
identifying solutions to network
problems.....................................................................278
network problems, identifying................................275
tracing flags
csn.....................................................................................410
error
IS-IS..........................................................................410
graceful restart
IS-IS..........................................................................410
hello
IS-IS..........................................................................410
IS-IS protocol, table ..................................................295
lsp......................................................................................410
lsp-generation...............................................................410
packets
IS-IS..........................................................................410
psn.....................................................................................410
spf
IS-IS..........................................................................410
tracing operations
IS-IS...................................................................................410
routing protocols..........................................................267
traffic engineering
IGP shortcuts.................................................................190
traffic-engineering statement
IS-IS...................................................................................413
usage guidelines...................................................191
transmit-interval statement
IS-IS..................................................................................324
troubleshooting.....................................................................301
checklist for problems on your network..............273
commands for problems on your network.........273
evaluate the solution..................................................277
682
V
verification
BFD for IS-IS....................................................................115
IS-IS policy......................................................................261
multicast topology for IS-IS......................................133
tracing..............................................................................270
version statement
IS-IS..................................................................................324
usage guidelines..................................................109
W
wide-metrics-only statement..........................................416
usage guidelines............................................................213